I don't know if my chiming in will make a difference or not.
But windows can authenticate with a machine certificate or a user
certificate
If you're doing the machine certificates, please say so, I'm a little
confused as to what exactly you are doing now.
-Bob
Thibault Le Meur wrote:
I don't know if my chiming in will make a difference or not.
But windows can authenticate with a machine certificate or a user
certificate
If you're doing the machine certificates, please say so, I'm a little
confused as to what exactly you are doing now.
I don't now if you're asking
Hi,
it works now. Thanks Thibault, you saved my day, again! :-)
- the extension SubjectAltName must contain the Netbios name of the PC
(I think)
This had no meaning in my tests. Anyway, there must be chosen a type of
that field. Did you take DNS-Name, Email or Raw? I took now DNS-Name,
but
Hi,
Thibault Le Meur schrieb:
Alexandros do you confirm that you are not trying to authenticate the
user, but only the host at boot time ?
Exactly. The hosts need to be authentified, we simply do that to protect
the Ethernetports of the switch. Our students plug in their equipment
otherwise
Hi,
it works now. Thanks Thibault, you saved my day, again! :-)
You're welcome
- the extension SubjectAltName must contain the Netbios name of the
PC (I think)
This had no meaning in my tests. Anyway, there must be chosen a type
of that field. Did you take DNS-Name, Email or Raw?
I use
We've got the same error here... but it's not terminal
we use eap+tls (wpa-enterprise). server has certificate, but (as alan
mentioned) there is no client certificate
it's also not needed. so you can ignore the error if you use eap+tls
(peap - mschapv2 + user/pass)
i did use Auth-Type := eap
Hello Alan,
Alan DeKok schrieb:
No. It means that there is NO client cert. The authentication
process continues, so it's obviously not a catastrophic problem.
Is it simply not sent, or somehow not available? Because I know for sure
that there is a cert on the client. And I did nothing
We've got the same error here... but it's not terminal
But I don't get this error on a conversation which leads to an
Access-Accept. I think because you're doing a username/password login
for your Wireless-Clients, you need to use as written PEAP and MSCHAPV2.
Usernames and passwords have
Hello Alan,
Alan DeKok schrieb:
No. It means that there is NO client cert. The authentication
process continues, so it's obviously not a catastrophic problem.
Is it simply not sent, or somehow not available? Because I know for
sure that there is a cert on the client. And I did nothing
Collen Blijenberg [EMAIL PROTECTED] wrote:
we use eap+tls (wpa-enterprise). server has certificate, but (as alan
mentioned) there is no client certificate
it's also not needed. so you can ignore the error if you use eap+tls
(peap - mschapv2 + user/pass)
Please be careful with terminology.
Hi,
I have trouble with one XP-SP2 client, using a certificate to make
802.1x Auth over EAP-TLS. The cert is a machine cert. On the serverside
I get this (using -X -A) in authenticate:
modcall: entering group authenticate for request 33
rlm_eap: Request found, released from the list
Alexandros Gougousoudis [EMAIL PROTECTED] wrote:
TLS_accept:error in SSLv3 read client certificate A
...
Which indicates that there is a problem in the client-cert.
No. It means that there is NO client cert. The authentication
process continues, so it's obviously not a catastrophic
12 matches
Mail list logo
