Questions tagged [eap]
48 questions
1
vote
1 answer
Is it ok to use PAP with TTLS on radius server?
We have deployed Radius server ( Freeradius 3.x ) and connected it to our LDAP database (ForgeRock OpenDJ).
We have successfully configured EAP-TTLS with valid certificates and set it as default connection method. ( almost all other settings are…
pagep
- 137
- 2
- 9
1
vote
1 answer
vpn connection to an azure virtual network
I have to connect to a Azure VNet, Which uses a certificate to authenticate that has been provided to me. When i try to connect to the VNet i get below error
The Extensible Authentication Protocol type required for authentication of the remote…
Arvind
- 111
- 1
1
vote
1 answer
Strongswan IKEv2 auth - pubkey and EAP
I'am trying to setup strongswan with pubkey and EAP authentication. To login users need to have certificate and valid credentials.
My certificate is ok. I tested pubkey auth and it was ok, also EAP is working, but when i trying run this two auth…
user9443103
- 15
- 5
1
vote
1 answer
How to enable 802.1x EAP-TTLS with PAP in Windows 7?
By default, Windows 7 doesn't support EAP-TTLS authentication method natively. If I enable IEEE 802.1X authentication in Windows 7, I can see only two authentication methods:
Microsoft smart cards or other certificates
Microsoft: Protected…
Yuanqiu Li
- 31
- 1
- 5
1
vote
0 answers
Freeradius Proxy eap-mschapv2 auth to non-eap Radius server
I'm using strongswan 5.6.0 & Freeradius 3.0.13 on CentOS7 as vpn server
- Strongswan send radius requests to freeradius
- freeradius proxy all request to another Radius Server that not support EAP challenge
All non-eap request from freeradius…
Pedram Masoumi
- 11
- 1
1
vote
0 answers
802.1x Wifi with NPS Server, using EAP-PEAP and a certificate for Authentication
I don't know if what I am trying to do is possible but here we go.
I have a bunch of iPad's that I am going to supervise before they go on to my network. The iPad's will connect to the wifi via 802.1x authentication using username and password from…
tyelford
- 255
- 2
- 11
1
vote
1 answer
Windows cannot connect to Enterprise WPA2 WiFi access point with EAP-TTLS PAP authentication using freeradius
I was working on having an Enterprise WiFi access point where my clients need to enter username and password (which are in OpenLDAP directory), using AES, TTLS PAP.
I setup my freeradius according to this tutorial:…
Mohammed Noureldin
- 541
- 1
- 11
- 25
1
vote
1 answer
802.1x Login Window profile fails because it "can't prompt for missing properties"
I'm trying to configure a TTLS 802.1x Login Window profile on OS X 10.10.1 Yosemite.
The profile has been installed (via MDM) and the login window now shows (above the username/password input boxes) a dropdown from which the 802.1x profile can be…
eggyal
- 402
- 5
- 16
1
vote
1 answer
EAP-TLS: is it possible eavesdropping when sharing client certificate?
I want to know how to share a network of WPA2 enterprise with EAP-TLS, authenticating users with a common certificate. They share the same certificate.
I'm afraid they can monitor each other. Is that possible?
In EAP-TLS, do clients encrypt…
jumeno
- 25
- 6
1
vote
2 answers
FreeRADIUS keeps complaining about TLS 1.0/1.1, despite tls_min_version setting has been set to 1.2
I'm implementing EAP-TTLS with FreeRADIUS 3.0.21. Devices are able to connect, server is running. However, FreeRADIUS complains about TLS 1.0/1.1 are still available in its starting log messages. Here's the output of systemctl status freeradius…
Václav
- 111
- 3
1
vote
0 answers
How to configure MACSEC Key Agreement (MKA) with hostapd & wpasupplicant?
I'm trying to setup MKA between some clients (using wpa_supplicant) and an authenticator (using hostapd).
Additionally I have a RADIUS server(using FreeRADIUS) that is going to be handling the authentication side of things.
So:
RADIUS server has…
A. Trevelyan
- 478
- 1
- 10
1
vote
0 answers
802.1x NPS Machine authentication
We are trying to implement 802.1x to authenticate wirelless users (Aruba Controller) through RADIUS (Windows server 2019 NPS),
For mobile phones and guests devices, we have successfully configured the authentication via user (AD Account) , but for…
Oualid ZAKOUR
- 31
- 3
0
votes
1 answer
How to configure FreeRADIUS with EAP-TLS and group-based authorization?
I configured FreeRADIUS to use EAP-TLS for certificate based authentication (self-signed certificates). Authentication works fine, except that I'd like to add group-based authorization.
More specifically, I need to use the Class attribute to be sent…
j3141592653589793238
- 75
- 9
0
votes
1 answer
How to configure FreeRADIUS for use with strongSwan group selection?
Building a VPN service with strongSwan, I need to distinguish between several groups of users where each group is assigned a certain subnet with certain permissions (i.e. "group x" has access only to a specific part of the local subnet, e.g.…
j3141592653589793238
- 75
- 9
0
votes
1 answer
Requesting access to a Radius server after having requested a previous (succeful) access to another Radius server
I don't know if this idea is non-sense but I was wondering if it was possible.
I have a FreeRadius server backed by a LDAP server with uses EAP-TTLS (that is, username+password) to authenticate. So when users connect to a 802.1x switch, they are…
Osqui
- 135
- 1
- 8