Wpa2-Enterprise?

fausp · April 10, 2017, 8:13pm

I use this on sme9 to auth my wifi-clients:

** WPA2-Enterprise SME9 **

install freeradius-utils
yum -y install freeradius-utils
set hostname in webinterface
ap01.privat.lan (192.168.xxx.1)
set radiuskey
db hosts setprop ap01.privat.lan RadiusKey my-radiuskey
signal-event remoteaccess-update
mkdir for template
mkdir -p /etc/e-smith/templates-custom/etc/raddb/users/
create file for template
nano /etc/e-smith/templates-custom/etc/raddb/users/40ldap
put this into 40ldap
DEFAULT Auth-Type := LDAP
expand template
expand-template /etc/raddb/users
public status enabled
db configuration setprop radiusd TCPPort 1812 access public status enabled
signal-event remoteaccess-update
test local on sme9 (password from /etc/raddb/clients.conf)
radtest admin ‘my-sme9-admin-password’ localhost 10 my-client-pwd-from-clients.conf

I would like to do it the same way on nethserver, is it possible ?
How should the commands looks like ?

filippo_carletti · April 14, 2017, 7:31am

Last time I evaluated this feature I had a problem with passwords, but it was a long time ago (probably an early alpha of NethServer 6).
I will try to re-evaluate this setup with NethServer 7, but I’m going on vacation soon, I will not be able to work on it.
At first glance, the above commands seem to be valid for NethServer, but I think that the samba accounts provider has better probabilities to work with wpa2.
Let’s sync up at the beginning of May.

fausp · April 14, 2017, 10:45am

OK, May is also good, happy easter to you …

fausp · May 8, 2017, 5:09pm

Any suggestions, how this could work on NethServer7 ?

filippo_carletti · May 8, 2017, 5:19pm

I began working on this last week, but I still have nothing to share ATM.

fausp · May 8, 2017, 5:37pm

TNX Filippo…

filippo_carletti · May 15, 2017, 9:30am

Still no success authenticating samba AD users through radius.
I’m going to try with ldap as accounts provider.