osx - Wireless 802.1X: configure TLS, PEAP and TTLS out of the box with FreeRADIUS 3.0.8 on a Mac Yosemite


I'm looking for a quick and easy way to bring up a testbed. There's no need to worry about default settings because this is only for testing. I need 802.1X working in 3 modes (PEAP, TTLS and TLS) on a MacBook Pro. The setup is quite simple: an AirPort 11ac and a Mac mini on Yosemite 10.10.3 that I use to install FreeRADIUS. The client is a MacBook Pro to be authenticated against the network. Thanks.

Here is what I've got: http://wiki.freeradius.org/building/build , kb.meraki.com/knowledge_base/freeradius-configure-freeradius-to-work-with-eap-tls-authentication

1) Install talloc and FreeRADIUS:

    curl -LO www.samba.org/ftp/talloc/talloc-2.1.0.tar.gz
    tar zxvf talloc-2.1.0.tar.gz
    cd talloc-2.1.0
    ./configure --without-gettext
    make
    sudo make install

    cd ../
    curl -LO ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.8.tar.gz
    tar zxvf freeradius-server-3.0.8.tar.gz
    cd freeradius-server-3.0.8
    ./configure --enable-developer
    make
    sudo make install

Note: while installing FreeRADIUS, notice that toward the end, bootstrap is being called. That's when the certificate is being generated.

2) Edit /usr/local/etc/raddb/users with:

    user    Cleartext-Password := "whatever"
            Reply-Message := "whatever"

    bob     Cleartext-Password := "hello"
            Reply-Message := "hello, %{User-Name}"

3) Edit /usr/local/etc/raddb/mods-enabled/eap: change default_eap_type = md5 to default_eap_type = tls, and in private_key_file = ${certdir}/server.pem change server.pem to server.key.

4) Edit clients.conf with the AirPort Extreme's IP:

    client extremeanger {
            ipaddr = 192.168.5.1
            secret = wireless
    }

5) Start FreeRADIUS on the Mac mini:

    sudo /usr/local/sbin/radiusd -X

6) Copy ca.der and client.p12 to the MacBook Pro.

7) Go to the MacBook Pro and install the Apple Configurator app from the App Store.

8) Under the 'Supervise' menu, click the plus (+) sign and create a new profile:

    a. Fill out the General tab with the name of the cert,
    b. Go to the WiFi tab, enter the SSID and security type (TLS),
    c. Go to Identity Certificate and load the client.p12 file,
    d. Go to the Certificates tab and load the ca.der file,
    e. Go to the WiFi tab, Trust menu, and check the box for the Example Certificate Authority that appears after you have done step d.

9) Save, go to the main menu of Apple Configurator, click the export arrow button, and save the profile as an abc.mobileconfig file.

10) Double-click on the profile on the MacBook Pro and try to authenticate to the AirPort Extreme's 802.1X network SSID.

11) Pray that it works on the first try. If not, read the logs that come out on the screen of the Mac mini's radius -X window.

12) Create profiles for PEAP and TTLS with the Apple Configurator app. Make sure to use the username bob and password hello configured above (if you haven't figured it out yet, the username 'user' and password 'whatever' are used for TLS mode).

Thanks for reading.
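
A preflight check for the edits in steps 2 to 4, to run before starting radiusd in step 5. This is an added example, not part of the original post: the function names and the sample tree are hypothetical, and ${certdir} is assumed to resolve to raddb/certs.

```shell
#!/bin/sh
# Added example: preflight for the edits in steps 2-4 before starting radiusd.

# conf_value KEY FILE: first uncommented "KEY = value" (the top-level one in eap).
conf_value() {
    sed -n "s/^[[:space:]]*${1}[[:space:]]*=[[:space:]]*\([^#[:space:]]*\).*/\1/p" "$2" | head -n 1
}

# preflight RADDB NAS_IP USER: prints each problem, returns the number found.
preflight() {
    raddb=$1 user=$3 fails=0 eap="$1/mods-enabled/eap"
    ip_re=$(printf '%s' "$2" | sed 's/\./\\./g')   # escape dots for grep

    [ "$(conf_value default_eap_type "$eap")" = tls ] ||
        { echo "FAIL: default_eap_type is not tls"; fails=$((fails + 1)); }

    # Assumption: ${certdir} is raddb/certs, as in the stock radiusd.conf.
    key=$(conf_value private_key_file "$eap" | sed 's|\${certdir}|'"$raddb/certs|")
    [ -f "$key" ] ||
        { echo "FAIL: private key file '$key' not found"; fails=$((fails + 1)); }

    grep -Eq "^[[:space:]]*ipaddr[[:space:]]*=[[:space:]]*$ip_re([[:space:]]|\$)" "$raddb/clients.conf" ||
        { echo "FAIL: no client with ipaddr $2"; fails=$((fails + 1)); }

    grep -Eq "^$user[[:space:]]+[Cc]leartext-[Pp]assword[[:space:]]*:=" "$raddb/users" ||
        { echo "FAIL: no Cleartext-Password entry for $user"; fails=$((fails + 1)); }

    return "$fails"
}

# make_sample DIR: constructed raddb fragments mirroring steps 2-4 (not a real install).
make_sample() {
    mkdir -p "$1/mods-enabled" "$1/certs"
    : > "$1/certs/server.key"                      # empty placeholder key
    printf 'eap {\n\tdefault_eap_type = tls\n\ttls-config tls-common {\n\t\tprivate_key_file = ${certdir}/server.key\n\t}\n}\n' > "$1/mods-enabled/eap"
    printf 'client extremeanger {\n\tipaddr = 192.168.5.1\n\tsecret = wireless\n}\n' > "$1/clients.conf"
    printf 'bob\tCleartext-Password := "hello"\n' > "$1/users"
}

# Demo on the constructed tree; on the Mac mini, point it at /usr/local/etc/raddb.
demo=$(mktemp -d)
make_sample "$demo"
preflight "$demo" 192.168.5.1 bob && echo "preflight OK"
rm -rf "$demo"
```

The return value is the number of failed checks, so a non-zero exit tells you which of steps 2 to 4 to revisit before reading the radiusd debug output.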

