Problem with configuring freeradius for WPA

tnt at kalik.net tnt at kalik.net
Tue Feb 24 12:33:29 CET 2009


>I've been trying to autheticate a Wireless Acess Point through a Radius
>Server for last 1 month, but things doesn't seem to be working for me.
>The Radius Server is authenticating when I test it with the radtest
>command. It also worked for a Cisco 2950 switch. But no luck when I use
>the Access Point. I have tried 3 different accesspoints, including
>Linksys, D-Link and the Firepro, but none of them worked.
>
>I do not get any error when I check the radius in debug mode. It says
>"Sending Access-Challange to ....", but the client doesn't get
>authenticated. I seriously need help on this.
>
>1. Do I really need certificates for authentication?

Yes. That conversation is EAP-TLS. *You* have selected that
authentication method when you were creating the connection.

>Is there a way to
>achieve WPA with UserName and Password, without installing certificates?

Yes. You can do PEAP with usernames and passwords. You might need to
install CA certificate if you are signing your own.

>2. Should the AP send "User-Password" attribute to the Radius Server?

No.

>Or
>should the Radius Server send an Access-Challange to the AP, and AP does
>matching and all.

AP does nothing. It jast passes the challenge to the users machine.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list