Highest Voted 'radius' Questions - IT Security Stack Exchange

1

vote

1 answer

Should you use Radius and LDAP together?

For example I'm reading something right now that says: "The authentication server is a RADIUS server, which authenticates virtual machines through a Lightweight Directory Access Protocol (LDAP) database." I thought that to authenticate you either…

ldap radius

asked Jul 15 '16 at 18:28

User104163

409
2
6
11

1

vote

0 answers

Dynamic Key Management in WPA through Radius server

Can anybody tell me in detail (or provide good links), how the dynamic key management is done by the authentication server in WPA? In other words, let's say I gave my credentials to the authentication server in EAP RESPONSE / IDENTITY, then how does…

authentication key-management radius

asked May 25 '16 at 16:42

Pankaj Kumar

41
1
5

1

vote

0 answers

Help decrypting MS-MPPE-Send-Key/MS-MPPE-Recv-Key

I'm trying to decrypt Ms-MPPE keys received in a Access-Accept message from the Radius server. I'm following RFC2548 in order to do this. Although the keys are of size 32 octets, the one byte length is always wrong. I used hostapd source for it and…

radius

asked Jan 18 '16 at 03:51

psk

11
1

0

votes

1 answer

EAP-TLS fragmentation implementation

I am trying to build an EAP-TLS client. The handshake I have to deal with involves receipt of fragmented messages from the RADIUS server. As a part of the client reply, I have to construct a certificate verify message, which involves hashing all…

tls certificates digital-signature radius peap

asked Jul 25 '14 at 19:39

previouslyactualname

205
1
2
5

0

votes

1 answer

EAP-TLS for securing internal local WLAN?

I'm looking at securing a wi-fi network used in an industrial context. I have a pool of client devices which should automatically connect to an AP (selecting SSIDs which match a specific pattern). These clients are all "devices" with no interactive…

windows linux radius 802.1x wpa2-eap

asked Jun 15 '22 at 04:31

Hydrargyrum

103
4

0

votes

0 answers

FreeRadius and Apache Mutual authentication

I set EAP-TLS on my FreeRadius server, and i want to try the certificate-based authentication for a testing. I set up an Apache as a webservice and enabled ssl on it. I could redirect the basic username-password authentication to the radius server,…

apache radius wpa2-eap freeradius

asked Feb 07 '22 at 11:25

zsomborv

21
1

0

votes

1 answer

Are there other types of NT Password (NTLM Hash) besides raw MD4?

According to the freeradius document https://freeradius.org/radiusd/man/rlm_pap.txt I can use NT-Password as the type of storing user's password. However, I have only found the type of generating raw MD4 as NTLM Hash. As I need to use MSCHAPv2, I…

radius ntlm peap freeradius

asked Sep 30 '21 at 05:39

Steven Yang

101

0

votes

1 answer

How are keys negotiated in wpa-eap?

Question about PEAP-MSCHAPV2 on RADIUS. After MSCHAPV2 success keys are extracted from TLS context. Then it sent to AP. Client failed to connect WiFi (or eapol, etc) with my handmade RADIUS Access-Accept. Can you explain full keys…

wifi radius 802.1x wpa2-eap peap

asked Feb 16 '20 at 22:40

eri

111
2

0

votes

1 answer

Using LetsEncrypt certificates for WiFi network authentication

I am helping my school IT set up a RADIUS authentication system using PEAP/EAP-TTLS. We are able to achieve successful connection with the user devices, but the users need to accept a "Not trusted" self-signed certificate. I am considering using the…

certificates radius letsencrypt

asked Sep 22 '19 at 06:29

Standstill

103
1
3

0

votes

0 answers

Connect 3rd party devices to windows server domain

I'm working on radius authentication. Server for this moment and production is windows server 2016. The authenticator is a hp ProCurve 2610-pwr 24p supplicants is a windows pc running windows 10 1903 and all the other are IP cams: bosch and axis. As…

windows-server radius peap

asked Sep 17 '19 at 07:39

Tim Clinckemalie

101

0

votes

0 answers

EAP-TTLS and EAP-TLS in RADIUS: Which is more accepted?

From what I understand: EAP-TTLS forces the RADIUS server to identify itself to a client with a certificate, but optionally a client to the server. All information about an end-user is encrypted through a tunnel. EAP-TLS forces the RADIUS server and…

tls radius

asked Sep 04 '19 at 14:11

Tim Morris

103
1
3

0

votes

1 answer

How are RADIUS packets encrypted?

This seems like an obvious question, but I can't easily find a clear answer. I'm setting up a FreeRADIUS server on my LAN just for curiosity's sake, but I want to know if the packets are encrypted at all by default, and, if so, how? I know requests…

encryption radius freeradius

asked Aug 31 '19 at 18:16

Tim Morris

103
1
3

0

votes

1 answer

How does Authenticator gets the PMK which is used to calculate PTK?

I am trying to setup a Supplicant- authenticator and AAA server to perform EAPOL mechanism. I am able to successfully completed the EAP authentication procedure but 4-way handshake was not initiated by Authenticator. I have 2 questions here. How…

authentication key-management radius wpa2-eap handshake

asked Oct 10 '18 at 11:16

proudengineer

21
8

0

votes

2 answers

How to prevent users sharing WPA RADIUS keys?

My office LAN does not have a Windows Active Directory. The Wifi use WPA with a pre-shared key, which means that everyone in the world knows what the key is. I was thinking of implementing a RADIUS server and switching to that. The question is, what…

wifi radius wpa2-eap

asked Feb 26 '18 at 15:38

Hussain Akbar

101
1

0

votes

1 answer

In a wireless network which is the Radius client, the switch or the wireless access point?

I'm sorry if this is a noobish question. If you have some cisco switch connected to d-link wireless access points, which acts as the Radius client?

radius

asked Jul 28 '17 at 17:34

Zouzou Ibba

39
1
2
8

Questions tagged [radius]