Comments on Wifi Authentication/Accounting With FreeRadius On CentOS 5
Wifi Authentication/Accounting With FreeRadius On CentOS 5 This tutorial explains how you can set up a FreeRadius server with Wifi authentication and accounting on CentOS 5. This howto should work for a newbie. Production deployment is also possible with minor tweaking. But as usual I do not guarantee anything & take no responsibilities if something goes wrong.
5 Comment(s)
Comments
Just wanted to point out that for the openssl options:
-extensions xpclient_ext -extfile /etc/ssl/xpextensions
to work, you will need the xpextensions file itself, and cp it to /etc/ssl or change the path to where it is
The file is included with freeradius in the $RADHOME/certs directory and can just be cp'd to /etc/ssl from there or change the option to $RADHOME/certs/xpextensions (ie: -extfile /usr/local/raddb/certs/xpextensions)
Yeah I missed that one out. In case nobody has it in his folder/directories. Here is the content of the file. just create the file with the said name with the following entries
In the tutorial´s context, it ought to be at /etc/ssl
[root@mycentos /etc/ssl]# cat xpextensions
[ xpclient_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.2
[ xpserver_ext ]
extendedKeyUsage = 1.3.6.1.5.5.7.3.1
[root@mycentos /etc/ssl]#
--
Ozzy
If you don't want to setup your own server, consider an outsourced RADIUS/802.1X service like from NoWiresSecurity: http://www.nowiressecurity.com/
Even better try CIITIX-WiFi, a turn-key secure wifi solution, can set it under 5 minutes, even for a AAA newbie.
Check out this nifty howto
http://howtoforge.com/how-to-set-up-an-aaa-server-with-ciitix-wifi
Cheers
--
Oz
Why showing this error ?
TLS_accept: SSLv3 write certificate request A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap: SSL error error