FreeRadius with EAP-TLS on windows 7, certs installed but not sent out.
luckydog xf
luckydogxf at gmail.com
Wed Dec 12 12:49:11 CET 2018
I know AP is a NAS , but why there is nothing sent out on my wireless NIC,
as I captured it by wireshark. At lease it should send out something
basic...
On Wed, Dec 12, 2018 at 7:46 PM luckydog xf <luckydogxf at gmail.com> wrote:
> I used eapol_test with certificates, it works like a charm. So I guess
> certificate created by `make xxx` may be not compatible with requirement of
> windows.
>
> On Wed, Dec 12, 2018 at 7:41 PM luckydog xf <luckydogxf at gmail.com> wrote:
>
>> HI,
>>
>> I'm using EAP-TLS to do WI-FI authentication, I setup WPA2
>> enterprise + AES(CCMP) on my AP, and shared key on clients.conf of radius.
>>
>> I also used make ca.pem, make server.pem and make client.pem on
>> /etc/raddb/certs, and copied ca.der and client.pem(rename to client.crt) on
>> windows7, installed ca.der on 'trusted root certification authorities' and
>> client.crt on 'personal' respectively.
>>
>> When I tried to connect the SSID of that AP, nothing was sent out to
>> radius server, no Access-Request, I also used WireShark to capture packets
>> of my wireless NIC, nothing at all.
>>
>> Looks it keeps trying to connect this SSID, and pops up messages that
>> certificate is required... please contact your IT admins.etc, thing like
>> that.
>>
>> My wireless NIC works as I tried to connect another SSID with
>> password, wireshark showed inbound and outbound packets.
>>
>> So any idea why win7 does not send out any packet? Anything is wrong?
>>
>> I used scripts of certs/ Makefile, so extended key usage required by
>> windows is added.
>>
>> Thanks,
>>
>>
>>
>>
>
More information about the Freeradius-Users
mailing list