FreeRadius with EAP-TLS on windows 7, certs installed but not sent out.
luckydog xf
luckydogxf at gmail.com
Wed Dec 12 12:46:41 CET 2018
I used eapol_test with certificates, it works like a charm. So I guess
certificate created by `make xxx` may be not compatible with requirement of
windows.
On Wed, Dec 12, 2018 at 7:41 PM luckydog xf <luckydogxf at gmail.com> wrote:
> HI,
>
> I'm using EAP-TLS to do WI-FI authentication, I setup WPA2 enterprise +
> AES(CCMP) on my AP, and shared key on clients.conf of radius.
>
> I also used make ca.pem, make server.pem and make client.pem on
> /etc/raddb/certs, and copied ca.der and client.pem(rename to client.crt) on
> windows7, installed ca.der on 'trusted root certification authorities' and
> client.crt on 'personal' respectively.
>
> When I tried to connect the SSID of that AP, nothing was sent out to
> radius server, no Access-Request, I also used WireShark to capture packets
> of my wireless NIC, nothing at all.
>
> Looks it keeps trying to connect this SSID, and pops up messages that
> certificate is required... please contact your IT admins.etc, thing like
> that.
>
> My wireless NIC works as I tried to connect another SSID with password,
> wireshark showed inbound and outbound packets.
>
> So any idea why win7 does not send out any packet? Anything is wrong?
>
> I used scripts of certs/ Makefile, so extended key usage required by
> windows is added.
>
> Thanks,
>
>
>
>
More information about the Freeradius-Users
mailing list