Re: EAP-TLS cert

[Kwok Sianbin <sianbin_kwok@yahoo.com>]

Hi,
 
 I've installed FreeRadius-2.0.4 and run fine.
 Here a few thing I had editted.
 
 Clients.conf
 client 192.168.0.0/24 {
     secret        = testing123-1
     shortname    = private-network-1
}
 
 eap {
         default_eap_type    = tls
 }
 ....
 
 tls {
     fragment_size    =1024
         include_lenght    = yes
 }
 
 users
 MarsindNet    Cleartext_Password    := "hello"
                      Reply-Message = "Hello, %{User-Name}"
 
 Now..I want to test connecting with Windows XP but I could not find
 root.der or cert-clt.p12 like previous version has.
 
 What files should I copy and install into Windows XP as client certificate?
 
 Thanks in advance.
 
Alan DeKok <aland@deployingradius.com> wrote:
>  Kwok Sianbin wrote:
> > I am newbie to linux and recently I try to implement  wireless
> > connnection with EAP-TLS encryption. I am using Freeradius-1.1.7
> > installed into Red Hat Enterprise 4.
>
>   You should really use 2.0.4.
>
> > Here I encounter problems that I can't solve it alone hence I need
> > advice guru from this forum.
> > the problem is client just can't get connected and keep request.
>
> > ...
> > Sending Access-Challenge of id 15 to 192.168.0.206 port 1025
> >...
> > Going to the next request
> > Waking up in 6 seconds...
>
>   This is in the FAQ.  It's also documented in the "eap.conf" file in 2.0.4.
>
> > Here I post the CA.certs execution result as I suppect that the errors
> > might
>  be due to certificate error.
> > When I run ./CA.certs and I got a few errors.
>
>   2.0.4 also contains new scripts for certificate creation.  They're
> MUCH better than what's in 1.1.7.
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html