[rhelv6-list] Antwort: Re: WLAN with RHEL6 with auth against Windows ADS

Andreas Reschke Andreas.Reschke at behrgroup.com
Tue Jul 5 12:01:55 UTC 2011 

rhelv6-list-bounces at redhat.com schrieb am 01.07.2011 07:59:24:

> Kurt Keller <kkathag at gmail.com> 
> Gesendet von: rhelv6-list-bounces at redhat.com
> 
> 01.07.2011 08:01
> 
> Bitte antworten an
> "Red Hat Enterprise Linux 6 \(Santiago\) discussion mailing-list" 
> <rhelv6-list at redhat.com>
> 
> An
> 
> "Red Hat Enterprise Linux 6 (Santiago) discussion mailing-list" 
> <rhelv6-list at redhat.com>
> 
> Kopie
> 
> Thema
> 
> Re: [rhelv6-list] WLAN with RHEL6 with auth against Windows ADS
> 
> Hi Andreas,
> 
> Here the notes from how I got my Fedora 14 box connected to the
> company wireless network. Hope it helps. But you might also need to
> talk to your ADS guys to find out what exactly is required in your
> specific environment.
> 
> * I actually configured the connection in NetworkManager (instructions
> might not be completely accurate, as it is documented after the fact
> and after quite a number of failures, probably due to an older kernel
> version)
>                 + add a new wireless connection
>                       # Security: WPA & WPA2 Enterprise
>                       # Authentication: TLS
>                       # Identity: <my-user-id>
>                       # User Certificate: blank
>                       # CA certificate: the file with the chain to the
> CA certificate
>                       # Private key: the exported key/certificate
> combo in pkcs12 format (could not get it to run at all with
> certificate and key in pem format)
>                       # Private key password: well, the password for
> the pkcs12 package
>                       # ignore the messages about the private key
> being unencrypted (even though it is encrypted)
> 
> Cheers,
> 
> Kurt
> 
> On 27 June 2011 13:39, Andreas Reschke <Andreas.Reschke at behrgroup.com> 
wrote:
> > Hi,
> >
> > I want to use WLAN in our office. I've 2 certificate (userid.cer)
> >
> > a)
> > cat RESCH.cer
> > -----BEGIN CERTIFICATE-----
> > MIIGhDCCBe2gAwIBAgIKI7sHqAAAAAE5czANBgkqhkiG9w0BAQUFADA/MQswCQYD
> > ......
> >
> > b)
> > cat RESCH.cer
> > 0��0���
> >
> > 0?19s0  *�H��
> >
> > 0  0    UDE10U  Stuttgart1
> >
> >  U
> >
> > 0ehr1
> >
> > 120111083751Z0y10
> >
> >         �&���,dnet10
> >
> >         �&���,d behrgroup1
> > ......
> >
> > Which one is there right one? The more ascii-like or the binary 
version? And
> > which settings in NetworkManager are required?
> >
> > Authentication: TLS, LEAP, Tunneld TLS, Protected EAP (PEAP)?
> >
> > Thanks for your help
> >
> >
> > Andreas Reschke
> > _______________________________________________
> > rhelv6-list mailing list
> > rhelv6-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/rhelv6-list
> >
> >
> 
> _______________________________________________
> rhelv6-list mailing list
> rhelv6-list at redhat.com
> https://www.redhat.com/mailman/listinfo/rhelv6-list

Hello Kurt,

now I've created the both certificate files. This is what I get from 
/var/log/messages:

Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Activation (wlan0) 
Stage 1 of 5 (Device Prepare) scheduled...
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Activation (wlan0) 
Stage 1 of 5 (Device Prepare) started... 
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> (wlan0): device 
state change: 6 -> 4 (reason 0) 
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Activation (wlan0) 
Stage 2 of 5 (Device Configure) scheduled...
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Activation (wlan0) 
Stage 1 of 5 (Device Prepare) complete. 
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Activation (wlan0) 
Stage 2 of 5 (Device Configure) starting... 
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> (wlan0): device 
state change: 4 -> 5 (reason 0) 
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Activation 
(wlan0/wireless): connection 'B3hr--36' has security, and secrets exist. 
No new secrets needed.
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'ssid' value 'B3hr--36'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'scan_ssid' value '1'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'key_mgmt' value 'WPA-EAP'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'eap' value 'TLS'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'fragment_size' value '1300'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'ca_cert' value '/home/resch/Zertifikate/resch.pem'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'private_key' value '/home/resch/Zertifikate/resch.p12'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'private_key_passwd' value '<omitted>'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: added 
'identity' value 'resch'  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Activation (wlan0) 
Stage 2 of 5 (Device Configure) complete.  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> Config: set 
interface ap_scan to 1  
Jul  5 13:57:40 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  disconnected -> scanning   
Jul  5 13:57:43 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  scanning -> associating   
Jul  5 13:57:43 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  associating -> associated   
Jul  5 13:57:46 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  associated -> disconnected   
Jul  5 13:57:46 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  disconnected -> scanning   
Jul  5 13:57:46 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  scanning -> disconnected   
Jul  5 13:57:46 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  disconnected -> associating   
Jul  5 13:57:46 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  associating -> associated   
Jul  5 13:57:48 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  associated -> disconnected
Jul  5 13:57:48 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  disconnected -> scanning
Jul  5 13:57:48 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  scanning -> disconnected
Jul  5 13:57:48 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  disconnected -> associating
Jul  5 13:57:48 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  associating -> associated
Jul  5 13:57:50 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  associated -> disconnected
Jul  5 13:57:50 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  disconnected -> scanning
Jul  5 13:57:50 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  scanning -> disconnected
Jul  5 13:57:50 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  disconnected -> associating
Jul  5 13:58:05 st00ni0029 NetworkManager[2505]: <warn> Activation 
(wlan0/wireless): association took too long.
Jul  5 13:58:05 st00ni0029 NetworkManager[2505]: <info> (wlan0): device 
state change: 5 -> 6 (reason 0)
Jul  5 13:58:06 st00ni0029 NetworkManager[2505]: <warn> Activation 
(wlan0/wireless): asking for new secrets
Jul  5 13:58:06 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
supplicant connection state:  associating -> disconnected
Jul  5 13:58:08 st00ni0029 NetworkManager[2505]: <info> (wlan0): device 
state change: 6 -> 9 (reason 7)
Jul  5 13:58:08 st00ni0029 NetworkManager[2505]: <warn> Activation (wlan0) 
failed for access point (B3hr--36)
Jul  5 13:58:08 st00ni0029 NetworkManager[2505]: <info> Marking connection 
'B3hr--36' invalid.
Jul  5 13:58:08 st00ni0029 NetworkManager[2505]: <warn> Activation (wlan0) 
failed.
Jul  5 13:58:08 st00ni0029 NetworkManager[2505]: <info> (wlan0): device 
state change: 9 -> 3 (reason 0)
Jul  5 13:58:08 st00ni0029 NetworkManager[2505]: <info> (wlan0): 
deactivating device (reason: 0).


But it didn't work

Andreas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhelv6-list/attachments/20110705/7e0bed25/attachment.htm>

More information about the rhelv6-list mailing list