TLS certificates authorities.

Turner, Ryan H rhturner at
Fri Sep 9 15:48:28 CEST 2016

To add an experience about this...  We 'used' to run EAP-TTLS with PAP (because of the Kerberos backend) for our secured wireless SSID.  We have about 8,000 access points and over 70,000 wireless users daily.  We had users configure their devices through Cloudpath (we now use SecureW2) to make sure that they require server certificate validation and that it was limited to a private CA.  I became concerned at the security implications for users that did NOT onboard with the proper configurator (those people who manually configure their device and don't enter in anything to prevent MITM attacks).  I set up a honeypot with a FreeRADIUS server on the backend by configuring a Linksys router to broadcast our SSID.  The FreeRADIUS on the backend was not configured with any of our stuff, and I ran it in debug mode.  Within 5 minutes, I had several credentials.

We switched entirely to EAP-TLS within 6 months, and we've been that way for over 3 years now, onboarding hundreds of thousands of devices without issue in a large environment.  I strongly urge folks to get off username/password EAP types for wireless.  Too much risk.

BTW...  We are looking for a new Network System Architect (all things systems related around networking | DNS, DHCP, IPAM, Virtualization).  The position is open until 9/27.   I am having a difficult time getting applicants despite an advertised pay band of $95-$105k (in Chapel Hill, NC).  If anyone is interested, please check out:

Ryan Turner
Manager of Network Operations
ITS Communication Technologies
The University of North Carolina at Chapel Hill

r at
+1 919 445 0113 Office
+1 919 274 7926 Mobile

-----Original Message-----
From: Freeradius-Users [ at] On Behalf Of Stefan Winter
Sent: Friday, September 9, 2016 3:52 AM
To: freeradius-users at
Subject: Re: TLS certificates authorities.


> Could you please clarify your warning regarding client configuration?
> Some systems allow my EAP-TTLS+PAP configuration out of the box, do
> you mean it could be insecure? Is there any way to prevent client
> authentication unless it has my CA installed?

The TLS channel is the only line of defence against credential theft. If users choose to ignore security warnings related to the certificate, anyone can present an arbitrary certificate and the user's device will merrily deliver the password in cleartext to anyone who's asking.

The situation is *slightly* less critical with TTLS-MSCHAPv2 or PEAP because at least they only transmit the NTHash of the user's password, not the cleartext.

NTHash can meanwhile be broken rather trivially though, so this won't stop a determined attacker.

Getting the cert validation done right really is the only working repellent against rogue AP+rogue RADIUS server attacks.

Funny enough, this situation is explained extensively on :-)

(look at "User Device Configuration")


Stefan Winter

Research Engineer
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me
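The client-side configuration both messages describe (require server certificate validation, restrict it to the private CA, or move to EAP-TLS), shown as an added wpa_supplicant example that is not part of either message or of FreeRADIUS; the SSID, realm, server name, file paths and password are assumed placeholders.

```ini
# wpa_supplicant network blocks, added here as an illustration.
# Assumed values (constructed, replace with your own): SSID "campus-secure",
# RADIUS server certificate issued by a private CA stored at
# /etc/wpa_supplicant/private-ca.pem, server name radius.example.edu.

# WEAK: no ca_cert, so the supplicant accepts any server certificate.
# The TLS tunnel is then terminated by whoever answers, and the inner PAP
# password is handed over in cleartext (the honeypot case above).
network={
    ssid="campus-secure"
    key_mgmt=WPA-EAP
    eap=TTLS
    phase2="auth=PAP"
    identity="user@example.edu"
    password="placeholder-password"
}

# HARDENED: pin the private CA and the server's name, so a certificate from
# any other CA, or for any other host, aborts the handshake before phase 2
# and no credential ever leaves the device.
network={
    ssid="campus-secure"
    key_mgmt=WPA-EAP
    eap=TTLS
    phase2="auth=PAP"
    anonymous_identity="anonymous@example.edu"
    identity="user@example.edu"
    password="placeholder-password"
    ca_cert="/etc/wpa_supplicant/private-ca.pem"
    domain_match="radius.example.edu"
}

# What the first message moved to: EAP-TLS, so there is no password to steal
# even if a user mis-configures validation. Server pinning still applies.
network={
    ssid="campus-secure"
    key_mgmt=WPA-EAP
    eap=TLS
    identity="user@example.edu"
    ca_cert="/etc/wpa_supplicant/private-ca.pem"
    domain_match="radius.example.edu"
    client_cert="/etc/wpa_supplicant/user.crt"
    private_key="/etc/wpa_supplicant/user.key"
}
```

Onboarding tools such as the ones mentioned above generate the equivalent of the hardened blocks; the weak block is what a manual setup that skips the CA step looks like.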
