Newbie: help to configure PEAP extension for windows XP wireless Clients
Hi, I am a newbie with Radius and I have problems to authenticate XP wireless clients with eap. I think that my first problem is due to the fact that Windows XP client requires a Certificate Authority since Windows only recognized signed certificate. I could not find the certificate properties windows as shown in the following link: http://deployingradius.com/documents/configuration/eap.html My first question is where is this Smart Card or other Certificate Properties window, is it in the wireless 802.1x configuration window or in the internet explorer where you import certificate. I am using Windows XP with service pack 3. 2) Does FreeRadius generates automatically a self-signed Certificates when we start radiusd -X for the first time. Can we also imports the ca.der file into Windows XP to test our PEAP authentication. Does the server certificate created with the self-signed certificate is good enough to authenticate Windows XP wireless client 3) Can we used the root/server/client self-signed certificate for authentication EAP-TLS. Does making new root/server/client certificate with the make function overides thte self-one Thanks for all your help Stephane
Stephane Brodeur wrote:
I am a newbie with Radius and I have problems to authenticate XP wireless clients with eap. I think that my first problem is due to the fact that Windows XP client requires a Certificate Authority since Windows only recognized signed certificate. I could not find the certificate properties windows as shown in the following link:
Microsoft may have changed their GUI...
My first question is where is this Smart Card or other Certificate Properties window, is it in the wireless 802.1x configuration window or in the internet explorer where you import certificate. I am using Windows XP with service pack 3.
It's in the 802.1X config.
2) Does FreeRadius generates automatically a self-signed Certificates when we start radiusd -X for the first time.
Yes. This is documented.
Can we also imports the ca.der file into Windows XP to test our PEAP authentication. Does the server certificate created with the self-signed certificate is good enough to authenticate Windows XP wireless client
Yes. This is documented on the web page you referenced above.
3) Can we used the root/server/client self-signed certificate for authentication EAP-TLS. Does making new root/server/client certificate with the make function overides thte self-one
Yes, and yes. The intent behind creating the certificates is that they are *useful*. There is no reason for the server to create useless certificates. Alan DeKok.
participants (2)
-
Alan DeKok -
Stephane Brodeur