Failure with "TLS authentication" and "Freeradius on Fefora-17"
ajaygargnsit at gmail.com
Tue Jan 8 21:53:01 CET 2013
On Tue, Jan 8, 2013 at 6:45 PM, John Dennis <jdennis at redhat.com> wrote:
> On 01/08/2013 05:10 AM, Ajay Garg wrote:
>> Could you please specify the order of scripts to be run, so that proper
>> certificates may be generated - both for the server, and the client? :P
> You were given the answer. It's not just a matter of running the scripts
> it also requires knowing what the scripts output and how to configure
> *both* the client and the server with the script output.
> You've never explained what you're doing in any detail, especially with
> regard to where you're generating the client cert. In a previous email I
> explained what the server needs and what the client needs. Now you're going
> to have to put that information to use. You really do have to invest the
> energy into learning how the pieces fit together.
Ok.. so here goes what I have been wanting to accomplish :P
Configure the router to do WPA/WPA2-Enterprise authentication.
The authentication is to be done via a freeradius-server.
I connect a wired-cable between the router and the
freeradius-server-machine, to have a physical medium via which the router
and the server may talk.
Freeradius-server is running on Fedora-17 (freeradius-2.2.0-0.fc17.i686)
After installing freeradius, the certificates are generated via (on
Fedora-17 machine) ::
chmod 0644 client.p12
chmod 0644 ca.pem
Now, the freeradius is started on the Fedora-17 machine as ::
sudo /usr/sbin/radiusd -X &
Server runs fine.
THE SAME FEDORA-17 MACHINE ACTS AS THE CLIENT TOO :)
Now, from the gnome-panel applet, I try connecting to the WPA/WPA-2
Enterprise network, by setting the following settings ::
Private Key Password :
I click the "Connect" button.....
and then the dreaded logs happen :(
> John Dennis <jdennis at redhat.com>
> Looking to carve out IT costs?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users