Difference between revisions of "Spacenet"
Eagle00789 (talk | contribs) |
|||
Line 47: | Line 47: | ||
<br> | <br> | ||
− | |||
+ | == Windows 7 == | ||
+ | Windows 7 will either support EAP-MSCHAPv2 (username/password) or EAP-TLS (certificates) out-of-the-box. | ||
+ | |||
+ | You should manually create a wireless network under "Manage wireless networks". | ||
+ | |||
+ | Depending on the configuration of your home-RADIUS you should either choose EAP-MSCHAPv2 or EAP-TLS. | ||
+ | |||
+ | == EAP-MSCHAPv2 == | ||
+ | * SSID: spacenet | ||
+ | * Security type: WPA2-Enterprise | ||
+ | * Encryption type: AES | ||
+ | * Authentication: Microsoft: Protected EAP (PEAP) | ||
+ | * Validate server certificate (good practice) | ||
+ | ** Connect to these servers: common-name of the certificate installed on your RADIUS server | ||
+ | ** Trusted root certification authorities: select the CA which signed the certificate installed on your RADIUS server | ||
+ | * Authentication method: secured passwords (EAP-MSCHAP v2) | ||
+ | ** Do NOT use windows logon name and password (will probably not work for you) | ||
+ | * Use user authentication | ||
+ | ** Save credentials: user@realm.tld with your password | ||
+ | |||
+ | |||
+ | [[Image:windows_mschap_1.png]] | ||
+ | |||
+ | [[Image:windows_mschap_2.png]] | ||
+ | |||
+ | [[Image:windows_mschap_3.png]] | ||
+ | |||
+ | [[Image:windows_mschap_4.png]] | ||
+ | |||
+ | [[Image:windows_mschap_5.png]] | ||
+ | |||
+ | == EAP-TLS == | ||
+ | * Make sure your device has a client certificate issued by your PKI | ||
+ | * SSID: spacenet | ||
+ | * Security type: WPA2-Enterprise | ||
+ | * Encryption type: AES | ||
+ | * Authentication: Microsoft: Smart Card or other certificate | ||
+ | * Validate server certificate (good practice) | ||
+ | ** Connect to these servers: common-name of the certificate installed on your RADIUS server | ||
+ | ** Trusted root certification authorities: select the CA which signed the certificate installed on your RADIUS server | ||
+ | |||
+ | |||
+ | [[Image:windows_tls_1.png]] | ||
+ | |||
+ | [[Image:windows_tls_2.png]] | ||
+ | |||
+ | [[Category:Howto/Spacenet]] | ||
Revision as of 17:56, 21 April 2012
We haz spacenet.
http://spacefed.net/wiki/index.php/Spacenet
4 Linux :
Copy & Paste this txt below into a file and name it ackspace.pem
Put it in your own home folder.
-----BEGIN CERTIFICATE-----
MIICvDCCAaQCCQCxaXLQG5/vsTANBgkqhkiG9w0BAQUFADAgMR4wHAYDVQQDExVy
YWRpdXMuYWNrc3BhY2UubG9jYWwwHhcNMTExMTIxMjAwMjI1WhcNMjExMTE4MjAw
MjI1WjAgMR4wHAYDVQQDExVyYWRpdXMuYWNrc3BhY2UubG9jYWwwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0bIFcc/ChNW2WQScUimA0Rb+FqgqiBRUD
YVp41JVG2LZG6UWorYIk6Sm3nM5ysB3DyPOi6TQVscntO7xtb9IINELjPdPNpKBW
h44XHvxL2jlBGy1NfFIr8et7PPkU/OyeneL4Rx+eYB/X084vqw9iRQTmbrEnJP2s
a8iWxFcUZehJ+0TFDhOj44iTfGaF6x1J1UzaEy4N3etxwRjEHF4SnsVB/WndQrVR
gRVTfi42n5vMaXDuTt/VvcWRM07W9kuTJQecgXdik38eXFQ+bNqAWaqM3WA1y/Un
SNWHK4ikZdrvDjZceC6HEc7AjcXD3y2DyzkmgyZSTNyMj+YMCSd3AgMBAAEwDQYJ
KoZIhvcNAQEFBQADggEBAGIfSDy1ZbI+ULiZLDbOxUzI6jdSvwVk2ZdYj4WHdCNc
rOoRTvUr1UQMFdBwjmvIesQDXWNSRpb5FQxRG7XWBEH5EbEHTPrgM3tB41m0/L5/
S8lguvTWyDLiUA3du7HSke5RI4YRjBwFyjDB4HmL3QUmbx5O9EZ6bKDQZ8hWx4of
19Rz/ESV8j8K57LyX09EIqNap0h9H4D99KFTuITRZCQCkz5QX//JQvvCI9+SOSme
IT6xYVaF+vdaRSOZR7YJqt4ILAQR8hOUr8dBoHP57lOoC/cWkZtsS5YnjF1PvKbK
S49zoEg+BUz+iIl2vQgH/+LGQeJG3XaotKes+QBwfoM=
-----END CERTIFICATE-----
Linux WIFI settings :
Wireless security : WPA & WPA2 Enterprise
Authentication : Protected EAP (PEAP)
Anonymous identity : <leeg>
CA certificate : ackspace.pem
PEAP version : automatic Inner
Authentication : MSCHAPv2
Username : <user>@ackspace.nl
Password : <password>
Windows 7
Windows 7 will either support EAP-MSCHAPv2 (username/password) or EAP-TLS (certificates) out-of-the-box.
You should manually create a wireless network under "Manage wireless networks".
Depending on the configuration of your home-RADIUS you should either choose EAP-MSCHAPv2 or EAP-TLS.
EAP-MSCHAPv2
- SSID: spacenet
- Security type: WPA2-Enterprise
- Encryption type: AES
- Authentication: Microsoft: Protected EAP (PEAP)
- Validate server certificate (good practice)
- Connect to these servers: common-name of the certificate installed on your RADIUS server
- Trusted root certification authorities: select the CA which signed the certificate installed on your RADIUS server
- Authentication method: secured passwords (EAP-MSCHAP v2)
- Do NOT use windows logon name and password (will probably not work for you)
- Use user authentication
- Save credentials: user@realm.tld with your password
EAP-TLS
- Make sure your device has a client certificate issued by your PKI
- SSID: spacenet
- Security type: WPA2-Enterprise
- Encryption type: AES
- Authentication: Microsoft: Smart Card or other certificate
- Validate server certificate (good practice)
- Connect to these servers: common-name of the certificate installed on your RADIUS server
- Trusted root certification authorities: select the CA which signed the certificate installed on your RADIUS server
Info voor psy :
/etc/freeradius/users
www.insidepro.com/hashes.php
NTLM