02-24-2011 04:47 AM - edited 03-10-2019 05:51 PM
Hello Everyone, I'm need to create a Server freeRadius ( server radius for linux ) with EAP TLS. the server Radius I have already deployed and it's working ( integration with openldap ). but, I'm difficult at the deployment EAP TLS upon the freeRadius to authentication my wireless users ( Aironet 1240 ). how to can I generation the certification for my users?? what I need to do ? anyone has a How to about freeradiusd with EAP-TLS?
thank!
02-24-2011 02:39 PM
You need setup a CA server to issue certificate to your freeRadius and client.
Here is the example of Cisco ACS but the principle is the same.
03-02-2011 03:26 AM
hello everyone, I'm still attempt deployment freeradiusd with EPA-TLS.
but there is many variables which I have to save for all it's work!
for exemplo, issue certificate. to this I'm using openssl but it isn't ready.
I'm difficult found a way to issue wireless users certificate. understend all the generation of the certificate.
the same way I want to share with you a how to about issue certificate with openssl follow:
http://www.g-loaded.eu/2005/11/10/be-your-own-ca/
in attach too has other very good own Cisco.
will go on attempt deployment the freeradiusd with EAP-TLS and I will report to you.
thank.
03-23-2011 07:56 AM
Hello everyone, I know that this Forum cover more issue about environment Cisco. but, I've need to do an integration in my wireless environment with EAP-TLS and I'm using the LDAP and Freeradius to authenticate my wireless users.
follow at the step by step:
1- Install samba and Ldap.don't use ( no necessary Install PHPldapAdmin ) you can use ldapadmin for manager your database ldap.
2- after install your ldap and Samba you need delete schema directory in /etc/ldap/schema then you can run smbldap-populate other side can occur errors
3- Install freeradius version 2 the is freeradius2
4- Install the freeradius2-ldap
5- for generate yours certificates ( you need only two: CA certificate and Server Certificate ) you must have had installed the openssl any linux machine come with it.so you can follow the REDME in /etc/raddb/certs
6- to configuration integration radius and ldap is in /etc/raddb/modules/ldap file.
I've installed my freeradius in Red-Hat enterprise 5.5 and my Samba and Ldap in fedora 12
7- set your Aps to use radius.
good loock!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide