I used eapol_test with certificates, it works like a charm. So I guess certificate created by `make xxx` may be not compatible with requirement of windows. On Wed, Dec 12, 2018 at 7:41 PM luckydog xf <luckydogxf@gmail.com> wrote:
HI,
I'm using EAP-TLS to do WI-FI authentication, I setup WPA2 enterprise + AES(CCMP) on my AP, and shared key on clients.conf of radius.
I also used make ca.pem, make server.pem and make client.pem on /etc/raddb/certs, and copied ca.der and client.pem(rename to client.crt) on windows7, installed ca.der on 'trusted root certification authorities' and client.crt on 'personal' respectively.
When I tried to connect the SSID of that AP, nothing was sent out to radius server, no Access-Request, I also used WireShark to capture packets of my wireless NIC, nothing at all.
Looks it keeps trying to connect this SSID, and pops up messages that certificate is required... please contact your IT admins.etc, thing like that.
My wireless NIC works as I tried to connect another SSID with password, wireshark showed inbound and outbound packets.
So any idea why win7 does not send out any packet? Anything is wrong?
I used scripts of certs/ Makefile, so extended key usage required by windows is added.
Thanks,