WPA authentication works only with MacOS clients

Josh Shamir josh.shamir at gmail.com
Mon Oct 16 17:53:11 CEST 2006


Hi,
I can't use NT-hash because I use PAP and I need clear-text password.
However I've generated server-side certificates with CA.all script with
standart xpextension:

[ xpclient_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.2

[ xpserver_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.1

Can I modify this OID to create MS-Windows compatible certificates?
Or there are some other way to obtain this feature?

Best Regards,
Josh

On 10/16/06, A.L.M.Buxey at lboro.ac.uk <A.L.M.Buxey at lboro.ac.uk> wrote:
>
> Hi,
>
> > Hello all,
> > I'm using WPA with EAP-TTLS and PEAP with a MacOS .Authentication works
> fine
> > (even if enough slowly).
> > The problem is that I can't authenticate WinXP client.
> > I've readed that for using EAP-TTLS are required some other supplicant
> like
> > SecureW2. Is SecureW2 required also for PEAP?
>
> no. the builtin WinXP supplicant does PEAP natively.  however, dont forget
> that PEAP doesnt deal with plain text passwords - you either need to have
> NT-hash or use ntlm_auth
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061016/0de72592/attachment.html>


More information about the Freeradius-Users mailing list