I am new to ubuntu. I recently set up a Freeradius in ubuntu and connected successfully with the supplicant's PC using MD5.
I am using ethernet cable to connect these three items: two Ubuntu PC and one cisco switch.
I would like to try other Authentication method (PEAP and TLS).
My question is: How to create the certificate/key/anyfile with "openssl" command?
And how to do with the wired setting for the supplicant's PC in order to use PEAP and TLS authentication?
Below is my set up information:
Authentication Server
- Ubuntu version: 20.04.2 LTS
- Freeradius version: 3.0.20
- Fixed IP Address: 192.168.100.22
- File configuration:
4a) user==>
raduser Cleartext-Password := "dfgh"
4b) clients.conf==>
client 192.168.100.33 {
secret = erty
shortname = ciscoswitch
}
Authenticator
- Cisco Switch: SG250-08HP
- IP Address: 192.168.100.33
- Setting:
3a) Radius Client==> IP Address: 192.168.100.22 / Key String: erty / Authentication Port: 1812
3b) 802.1X Authentication==> Properties==> Port-Based Authentication: Enable / Authentication Method: RADIUS
==> Port Authentication==> Port(GE1)==> Port Control: Forced Authorized (Authentication Server)
==> Port(GE2)==> Port Control: Auto (Supplicant's PC)
Supplicant
- Ubuntu version: 20.04.2 LTS
- Freeradius version: 3.0.20
- Fixed IP Address: 192.168.100.55
3a) Scenario 1 - How?
802.1x Security: Enabled
Authentication: Protected EAP
Anonymous identity:
CA certificate:
PEAP version:
Inner authentication:
Username:
Password:
3b) Scenario 2 - How?
802.1x Security: Enabled
Authentication: TLS
Identity:
User certificate:
CA certificate:
Private key:
Private key password:
