[help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure

Denis Iskandarov d.iskandarov at gmail.com
Fri Sep 17 15:02:13 CEST 2010


I really appreciate your help but i can't understand some things.
okey, let me ask some questions based on your very first answer.
So suplicant sending some wrong packet. or something wrong withs it certificate?
AP configured to use EAP-TLS and "passthrough" all eap requests to my
freeradius.
Client has it's client certificate.
i've generated 3 certificates with OpenSSL: cacert.pem
server-keycert.pem and client-keycert.pem (with xpextensions, but this
is optional for xp clients).
ca and server certs seems to be working coz TTLS is working fine.

> The supplicant is broken.  It's sending an EAP-Identity field with no
> data:

where "EAP-Identity field" is generated? what have i to check ?

Other question, should this lines be uncommented:
 check_cert_issuer = "/C=ZZ/ST=Yyyyy/L=yyyyy/O=Xxx"
 or
 check_cert_cn = %{User-Name}

or those are optional and by default some other fields are used for
authentication?

also. what should i insert in user.conf (in daloRADIUS db in my
case)... which user or password should be used. Or TLS is not used
with database and i can't track WiFi link users with EAP-TLS through
db and daloRADIUS?



More information about the Freeradius-Users mailing list