Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: G2 on October 16, 2012, 05:22:43 pm
-
Good afternoon!
I'm trying to install a wireless AP in the Radius (Freeradius) Zentyal and I can not.
See if someone can help me:
environment:
Wifi AP: TP-Link TL-WA901
IP: 192.168.1.254
Server: Zentyal 3.0
IP: 192.168.1.100
When I run the test with radtest server responds OK:
# Radtest "guy", "password" localhost 1812 testing123
Sending Access-Request of id 231 to 127.0.0.1 port 1812
User-Name = "guy"
User-Password = "password"
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id = 231, length = 20
And also how to log in OK:
Wed Oct 3 12:39:15 2012: Auth: Login OK: [guy] (from client 127.0.0.1/32 port 1812)
I run the test via qdo Notebook, the following error appears:
Wed Oct 3 12:33:20 2012: Error: TLS Alert read: fatal: unknown CA
Wed Oct 3 12:33:20 2012: Error: TLS_accept: failed in SSLv3 read client certificate A
Wed Oct 3 12:33:20 2012: Error: rlm_eap: SSL error error: 14094418: SSL routines: SSL3_READ_BYTES: TLSv1 alert unknown ca
Wed Oct 3 12:33:20 2012: Error: SSL: SSL_read failed inside of TLS (-1), TLS session fails.
Wed Oct 3 12:33:20 2012: Auth: Login incorrect (TLS Alert read: fatal: unknown CA): [guy] (from client 192.168.1.254/32 port 0 cli 48-5D-60-B4-F7-68 )
Someone who already set the Radius in Zentyal has gone through something similar?
I need a "Certificate Authority"?? It is possible to function without it?
Thank you.
--------------------------------------
Resolved ...
If using certificate:
- http://www.eduroam.ie/userdocs/win7-securew2-ttls.php
If you do not use certificate:
http://www.iar.unicamp.br/suporte/install_w2.php
http://www.iar.unicamp.br/suporte/config_eap_ttls_vista.php
Thank you for your help.
-
Is your Windows client configured to use TTLS PAP?
-
Sadly Windows 7 does not support eap-ttls out of the box. Maybe you can find some 3rd party software to add eap-ttls.
Rumors say that Windows 8 have support for eap-ttls but I did not test it.
http://social.technet.microsoft.com/Forums/zh/winserversecurity/thread/afb2f748-20f2-4867-90bd-60f8ee870978 (http://social.technet.microsoft.com/Forums/zh/winserversecurity/thread/afb2f748-20f2-4867-90bd-60f8ee870978)
-
Solved ... ;D ;D
With hints of you I managed to solve the problem.
Through the SecureW2 I setup Win7 to access the TTLS + PAP and was great.
Follow the links that helped in the service.
If using certificate:
- http://www.eduroam.ie/userdocs/win7-securew2-ttls.php
If you do not use certificate:
http://www.iar.unicamp.br/suporte/install_w2.php
http://www.iar.unicamp.br/suporte/config_eap_ttls_vista.php
Thanks for your help.