Connect to WPA using RADIUS and certificates

Hello all,
I have set up my Airport Extreme N to use WPA enterprise encryption via a freeRADIUS server using EAP. I created my own public key infrastructure using openSSL and I am able to connect to the WLAN with my Windows XP notebook using this authentification method.
Now with my macs I am kind of lost. First I installed the root certificate using the keychain app into X509Anchors and the client certificate into the login keychain.
Both certificates are marked with a red X saying that they have been signed by an unkown instance, even if I set them to Always trust in the menu.
Now I fired up my Airport Card in my iMac and tried to use the internet connection app to login into the WLAN. When I try to choose the protocol "TLS" and click Configure I cannot chose the freshly imported certificates.
Do I have to add something special to the certificates to make them work under MacOS X, or can I take the same certificate for Windows and Mac?
Thanks for your help!
Best regards
Thomas

The solution to the problem was that the certificate created with OpenSSL in the pem format has to be converted into the p12-format to make it selectable in the TLS dialog.
Now I authenticate my MacBook Pro with certificates at my AirPort Extreme (pre N-version) using a freeRADIUS server as a backend.

Similar Messages

  • The server you are connected to is using a security certificate that CAN NOT BE VERIFIED.

    First we have changed nothing, we have not done anything to our Yahoo or Outlook 2003 and suddenly this starts popping up all the time.
    We have Windows 7, Office Pro. 2003 and use Outlook 2003 with Verizon Fios and Yahoo is our email server. This message started popping up yesterday out no where, does anyone have any thoughts about it? I have posted it on the Verizon site, however I have more faith in the help I receive here thank you.
    The server you are connected to is using a security certificate that CAN NOT BE VERIFIED.
    A certificate chain processed but terminated in a root certificate which is not trusted by the trust provider.
    Do you want to continue using this server?
    Solved!
    Go to Solution.

    Did you get any email notification of a change to your email servers? So far I only found these settings from 2010
    Incoming Server: incoming.yahoo.verizon.net
    Server Requires Authentication: Yes
    Username: fakeacct
    Password: fakepassword
    Requires a Secure Connection (SSL): No
    Port: 110
    Outgoing Server: outgoing.yahoo.verizon.net
    Server Requires Authentication: Yes (You can set it to use the same settings as incoming, or manually enter the username and password.)
    Requires a Secure Connection (SSL): No
    Port: 25
    (Big thanks to SomeGirl for this info)
    Are these the settings configured in outlook?  If these are the setting they may need to be updated
    If a forum member gives an answer you like, please give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem. Thanks !!!
    http://forums.verizon.com/t5/Verizon-net-Email/Fix-for-Missing-Inbox-sent-folders-etc-with-Internet-Explorer-11/m-p/647399

  • Expert help needed to connect iPhone / iPad using BlueTooth and Wi-Fi

    We need expert help to connect iPhone / iPad using BlueTooth and Wi-Fi. If you have worked with Apple MFi Program [http://developer.apple.com/programs/mfi], or have expertise/experience in this, please contact me. Thanks! Kevin.

    Hi there.
    I connected to my livebox after about three attempts. You have to pair the livebox by pressing either the number one or two that is on the box. When it is in pair mode it stays that way for ten minutes so it gives you chance to try your wep code that is on the bottom of the box a few times. I can't remember which one was successful but i did try the letters in uppercase and lower and one of them seemed to connect.
    Welcome to discussions by the way.
    Hope this helps JB

  • How to connect one page using button and by link in BSP

    how to connect one page using button and by link in BSP

    hi,
    use on 'onclick' functionality.
    1. In layout, onclick = 'NEXT_PAGE' of the button
    2. Capture the event in onInputprocessing,
    DATA: event_id TYPE REF TO  cl_htmlb_event.
    case event_id.
    when 'NEXT_PAGE'.
                navigation->goto_page( 'URPAGE URL' ).

  • How could I make a connection to XE using Jdeveloper and JSF?

    Hello, I want to develop an application that must interact with a Oracle Database Express Edition. How could I make a connection to it and display, for example, a table from the database in a JSP using JSF in Jdeveloper.

    Hi ,
    I have installed Jdeveloper 10.1.3.1.0 and Oracle database Express edition 10g on the same machine.I want to connect to the database from Jdeveloper but i get the message "The Network Adapter could not establish the connection" , when i test the connection. The listener is running and am able to connect to database using SQL Plus.
    I have tried various methods like giving the ipaddress and giving the URL, looking at the JDBC configuration wizard given in the documentation , but of no use .. can anyone please suggest me how to connect??

  • Problem connecting to rdp using RemoteApp and Desktop

    I am having trouble connecting to a remote app server using the Remote App and Desktop connections feature on 2012 R2. It is a domain server. It works with most user but not with a few. I can put the web address in it ask for and it comes up and says error
    in connecting. please contact admin. I have tried signing off and rebooting the physical server. but no luck on it connecting. I can get it connect through the internet site and on a different server. How to fix when there is no error number. 
    Thanks
    AC

    Hi,
    Since it works for most users I think this could be a permission issue with the rest. For your information:
    Assign Domain Users and Domain Groups to a RemoteApp Program
    http://technet.microsoft.com/en-us/library/dd851539.aspx
    Hope this helps.

  • Connect to server using VPN and router, then 3rd party software hangs

    I connect to my employer server using *Apani Contivity VPN* software to get email, accessing the internet with FireFox and any of the following devices *NetGear RP614v3, Linksys BEFSR41* routers, as well as a *Belkin F5D5131-5* switch. I can connect to the internet and log onto the company server. Then I spuraticly, but persistently, have *software hangs when I try to open the software or execute a save when using: Text Edit, MS Entourage, Quark, Adobe Photoshop and Bridge*. I use one of 2 Macs in a company of PCs and the other Mac user does not have these problems. Help.

    Hi, and a warm welcome to the forums!
    Done these two lately?
    Using Disk Utility in Mac OS X 10.4.3 or later to verify or repair disks...
    http://docs.info.apple.com/article.html?artnum=302672
    About Disk Utility's Repair Disk Permissions feature...
    http://docs.info.apple.com/article.html?artnum=25751
    Reboot needed if many Permissions are fixed, and possibly reapply latest Combo Update also.

  • Unable to connect to internet using wifi and lan cable after updating to windows 10

    HI Team,                   After updating to windows 10. I'm unable to find wifi and lan connectivity in settings->internet . I m trying all stuff to resolve the problem, But i'm unable to to do it . Please help me with this. I cannot attach screen shots over here if possible i could send screen shots if any of the e-mails id's available

    Hi there ,  Thank you for visiting the HP Support Forums and Welcome! This is a great site to get answers and ask questions. I understand that you are having an issue with your Wi-Fi on your HP Envy M6-1125dx.  I did some research and found a great document for your called HP PCs - Troubleshooting Wireless Network and Internet (Windows 8). This document will help you troubleshoot the Wi-Fi issue.  Have you received any error messages? If you are receiving any of these errors:Internet Explorer cannot display the Web page.Work Offline: No connection to the Internet is currently available.Not connected: You are currently not connected to any networks.Here is another document called HP PCs - Resolving Broadband Internet connection problems (Windows 8).  Have you tried to Restore the BIOS? Have you uninstalled the driver in the Device Manager?If not, please do the following: 1. Uninstall the driver in Device Manager2. Restart the Notebook3. Reinstall the driver. You can use either the HP Driver's page for your specific Notebook, or you can use the HP Support Assistant. 
    Here is a link to the HP Support Assistant if you need it. Just download and run the application and it will help with the software and drivers on your system at the time of purchase or that need updating. Have you tried to directly connect to the Modem/Router?  Please follow the troubleshooting steps and re-post with the results and information required from the questions above.  Thanks!

  • Applying service policy using radius and VPDN

    anyone had any success doing this?
    I've been following the suggested config at http://www.cisco.com/en/US/customer/products/ps6566/products_feature_guide09186a0080610dad.html#wp1058626 but not having any success.
    sessions terminate on my 7301 via L2TP through another provider - this all works fine.
    I have the following AVPair defined in the user RADIUS profile:
    Cisco-AVPair = "ip:sub-qos-policy-out=DROP-P2P"
    and the matching policy map defined on the 7301 but it does not get applied to the user session.
    Debug L2X errors gives the following message:
    001867: Oct 30 16:12:50.655 UTC: L2X: Unknown AVP 76 in CM SCCRQ
    001868: Oct 30 16:12:50.655 UTC: L2X: Ignoring unknown AVP 76
    if I apply the policy map in the virtual-template it does get applied, but obviously to all users on that template which is not what I want.
    edit: - btw the 7301 is on 12.4 so this feature should be available.
    thanks
    Liam.

    With a router it won't be possible to get different policy for users in a single template. Following link may help you
    http://www.cisco.com/en/US/customer/products/ps6566/products_feature_guide09186a0080610dad.html#wp1081783

  • Internet Security Warning - The Server you are connected to is using security certificate that...

    Mail Client on Laptop is Windows Live Mail.  Mail server outgoing.yahoo.verizon.net.  DSL Internet.  Long time Verizon customer.  Client configuration settings correct according to Verizon.  I now get an Interenet Security Warning message whenever I start up the Live Mail Client and send an e-mail.  Only happens on sending e-mails.  The warning message comes back looking for a YES or NO answer.  The message is
    "The server you are connected to is using a security certificate that could not be verified."
    "A certificate chain processed, but terminated in a root certificate which is not trused by the trust provider."
    "Do you want to continue using the server?"      "YES    or   NO"
    I click YES in order to successfully send e-mail messages which I do not like to do.  I only have to press YES on the first e-mail message that I send.  The rest outgoing e-mail work correctly after that first one. 
    What has Verizonn done to cause the problem on my client software?  I have done nothing to change configurations on my Windows 7 and Windos Live Mail laptop.  I have done some research, and verified that my computer time and time zone is correct.  I am looking for an explanation on why this is happening from Verizon. 
    HELP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    If no one has a better idea you may want to unlink Yahoo from VZ. http://forums.verizon.com/t5/Verizon-net-Email/Unlinking-Verizon-email-from-Yahoo-portal/td-p/413475 It is possible to lose data as pointed out in the linked thread.
    OR Did you get any indication that your mail server settings were going to change at the end of Sept 2013? A mass email went out for "standard" verizon users earlier this year.  I am not sure if this effects Yahoo/VZ settings.
    If a forum member gives an answer you like, please give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem. Thanks !!!
    http://forums.verizon.com/t5/Verizon-net-Email/Fix-for-Missing-Inbox-sent-folders-etc-with-Internet-Explorer-11/m-p/647399

  • VPN access to a Watchguard firewall using Radius credentials

    Good morning, I have an Ipod Touch 4G that I would like to use to connect to our Watchguard firewall using the built in VPN client and pptp 
    I am the person onsite that manages the Watchguard firewall(s) (x553 with 10.2.12 firmware) , which are setup for pptp vpn access using Windows Radius servers.  The users use their Active Directory credentials to make the VPN connections.
    I have several macs at home, including an iMac and Mac mini and both of them can easily make VPN connections to the Watchguard firewall using pptp VPN access with Radius credentials.  T
    The setup I have been trying on the ipod Touch 4g is using the dns name for the firewall (published in Network Solutions DNS).  I have also tried the outside address of each firewall.  For the account, since we are using a Radius connection into Active Directory, I put my login in the format of domain\username .  RSA SecurID is On, the Encryption level is set to Auto and Send all traffic is off.
    In my testing so far, the Ipod Touch starts the connection, starts authenticating to Radius and fails.  If I turned off RSA SecurID, no authentication is attempted, so it looks like this needs to stay turned on.  It doesn't seem to matter is Send all traffic is off or on.  Having it off is preferable as I don't want to send all Internet traffic through the firewall when connected via VPN.
    So, I basically duped the setup of the VPN on the Ipod Touch based on my setup that's working on the Mac Mini and Imacs at home.  But VPN on the iPod Touch 4g with the latest version of IOS is not working.
    Does anyone have this kind of configuration working on the iPod Touch 4g or know if this is a shortcoming of this version of the Ipod or IoS?
    Thanks,
    Leo

    I fixed my vpn connection on the iPod Touch.  This is what works for Radius login to a Watchguard firewall:
    Server (DNS name or ip address).
    Account domainname\username
    RSA SecurIT off
    Encryption level Auto
    Send All Traffic off.
    Leo

  • Can we run AnyConnect using self signed certificates?

    I have a lab that I want to build a laptop-to-ASA remote access tunnel, using AnyConnect.  
    I understand AnyConnect requires IKEV2, and certificates.  
    It does not allow for pre-shared passwords, like VPN-client.  
    Is there a way I can build the lab without getting a certificate?

    AnyConnect does not require certificates if you use SSL VPN (vs. IKEv2 IPsec VPN). On an SSL VPN you can use local authentication on the ASA or external authentication to AD, LDAP, RADIUS, etc. (in addition to or instead of certificates).
    If you want to use IKEv2 and certificate authentication you can use either the ASA itself the CA server or proxy (via SCEP) to an internal CA (e.g. a Windows servers with Certificate Services). There are some other possible methods (such as the way you asked about) but in my experience they are not commonly used as few users have the knowledge or desire to go that route. Most organizations using client certificates deploy them from an internal root CA.

  • Ipod touch won't connect to computer, windows 7, and itunes, and won't charge on my computer

    Whenever I plug in my ipod touch to my computer, NOTHING HAPPENS.There is no "bleep" sound, nothing shows up under my computer, nothing shows up in itunes, and my ipod touch won't even charge. How can I fix this?
    I have tried many things to fix this issue, including reading and doing everything listed under "iOS: Device not recognized in iTunes for Windows".
    I have:
    - deleted itunes and reinstalled it
    - reset my ipod touch using the home and power key
    - tried fixing drivers
    - using a different cord
    - using a different computer (my ipod touch won't even show up on any other computer)
    etc.
    And yet my ipod touch still will not connect to my computer or itunes, and will not charge on my computer. It charges fine in the wall, though.
    I have more information that I believe may be integral to fix this issue:
    - My ipod touch is up to date with iOS 8.0.2
    - My itunes is up to date with version 11.4
    - I tried to connect my ipod using bluetooth, and it shows up like this
    (other than this, it won't show up on my computer at all)
    - After I had updated my ipod touch and itunes and even synced my ipod (which had worked fine), I had then put a facebook app and facebook message app on my ipod touch, which after I had done that the next day I noticed that my ipod touch would not even show up on my computer at all (so I deleted the apps) and yet the problem is still persisting.
    - I installed iCloud on both my ipod touch and my itunes
    - Other than what I stated, I have not made any changes to my ipod touch.
    In my device manager, NO APPLE PRODUCTS/DRIVERS SHOW UP ANYWHERE
    The only place that apple mobile device show up at is here -
    I've even tried to reset/stop/set to automatic the Apple Mobile Device here, and still it does not help.
    Someone please help me. I've provided much information, so some assistance would really be appreciated. If I need to provide more information, please let me know.

    You can try going to Settings>General>Reset>Erase all content and setting and then try setting up via iTunes. If still problem then set up via wifi and go to an Apple Store
    For how to restore:
    iTunes: Restoring iOS software
    To restore from backup see:         
    iOS: Back up and restore your iOS device with iCloud or iTunes
    If you restore from iCloud backup the apps will be automatically downloaded. If you restore from iTunes backup the apps and music have to be in the iTunes library since synced media like apps and music are not included in the backup of the iOS device that iTunes makes.
    You can redownload most iTunes purchases by:
    Downloading past purchases from the App Store, iBookstore, and iTunes Store   

  • Using Outlook (2010 & 2013) to connect to Exchange using EWS

    First things first.
    I know that Outlook on the PC platform uses MAPI to connect to Excahnge while the Mac flavor of Outlook uses EWS, however, i was cycling through some available EX and ExO PowerShell cmdlets and found a parameter for set-casmailbox named EWSAllowOutlook Which
    leads me to believe that configuring this setting should allow Outlook to use EWS to connect to Exchange. (This is a separate parameter from EWSAllowMacOutlook).
    I tried a manual configuration (entering in the EWS url and setting the correct Outlook Anywhere settings) with no success.
    I also tried manual configuration of an outlook.com and activesync account and entering the EWS URL as well with no success.
    Has anyone successfully configured Outlook for PC to connect to Exchange using EWS and how did you configure the client?
    Thanks

    Hi,
    Sorry for the late reply.
    About the EWSAllowOutlook parameter, I have something to clarify.
    This parameter allow or disallow Outlook 2007 to access EWS for the user.
    Outlook uses EWS for free/buzy, OOF settings, and calendar sharing.
    Outlook connect to Exchange server by using MAPI is a by design behavior.
    We cannot change this.
    Hope it is helpful
    Thanks
    Mavis
    Mavis Huang
    TechNet Community Support

  • Cannot connect to db using toad

    hi ,
    I get the following error while I try to connect my db using toad and windows sql
    =========================================================
    Fatal OSN connect error 12203, connecting to:
    (DESCRIPTION=(CONNECT_DATA=(SID=INS)(CID=(PROGRAM=TOAD.exe)(HOST=Windows NT PC)(USER=altaf)))(ADDRESS_LIST=(ADDRESS=(PROTOCOL=ipc)(KEY=INS.WORLD))(ADDRESS=(COMMUNITY=tcp.world)(PROTOCOL=TCP)(Host=10.15.44.11)(Port=1521))(ADDRESS=(COMMUNITY=tcp.world)(PROTOCOL=TCP)(Host=10.15.44.11)(Port=1526))))
    VERSION INFORMATION:
    TNS for 32-bit Windows: Version 2.3.2.1.0 - Production
    Windows NT TCP/IP NT Protocol Adapter for 32-bit Windows: Version 2.3.2.1.3 - Production
    Time: 03-JUL-08 12:36:22
    Tracing not turned on.
    Tns error struct:
    nr err code: 12203
    TNS-12203: TNS:unable to connect to destination
    ns main err code: 12535
    TNS-12535: TNS:operation timed out
    ns secondary err code: 12560
    nt main err code: 505
    TNS-00505: Operation timed out
    nt secondary err code: 60
    nt OS err code: 0
    ============================================
    but the same db is connecting using froms 4.5
    may be some settings in the tnsnames or sqlnet.ora files got changed
    please advise urgently
    also can u guide me to some document detailing the significance of these two files
    Altaf

    Hi
    When trying to connect to Oracle the following error is generated:
    ORA-12203: unable to connect to destination
    Possible Causes and Remedies:
    Invalid TNS address supplied.
    Verify that the service name is correct.
    Verify that the name of the ‘host’ computer (defined as part of the TNS address) is valid and correct.
    Destination not listening.
    Ensure that the listener is running at the remove node. This can be verified on the server by using the command ‘lsnrctl80 status’ and also by looking at the services and checking that the service ‘OracleService<Sid>’ is running.
    If the listener service is not running, does not exist and the database has just been created anew on the machine by restoring it from a backup, then the listener service will need to be created:
    Oradim80 –new –sid <SID> -intpwd Oracle –startmode AUTO –pfile <full-path-of-init-file>
    This should only be done in the circumstances outlined above.
    Possibly because of underlying network transport problems.
    Check that the remote node is visible on the network.
    To gain more information in diagnosing the problem, enable tracking on the client, try making the connection again and then look at the trace file SQLNET.LOG.
    There are multiple databases on the server and the database alias was not supplied as part of the connection string. This will only arise if connecting to the database on the same machine, since normally in this instance the database alias is optional if there is only one instance. Try:
    Setting the environment variable ‘ORACLE_SID’ to the SID of the desired instance. (Consider setting ORACLE_SID in the registry.)
    Explicitly specifying a database alias when connecting to the database.
    Setting the environment variable ‘LOCAL’ or ‘REMOTE’ to the SID of the desired database. The service name does not then need to be specified.
    Note: Using the utility ‘TNSPING’ may help in identifying any problems. As well as identifying whether a successful connection can be made, it also indicates whether the TNS name supplied is valid and if so then the host computer that it is trying to connect to. Syntax:
    TNSPING <tns-name>

Maybe you are looking for

  • Purchase Order: Price adopition

    Hi all, I need help on the customizing of SAP MM. Problem: I need to copy the price of the Purchase Requisition on the field price of the Purchase Order I have seen that in the transaction SPRO in Material Management - Purchasing - Environment Data -

  • How do I create a slideshow with selected photos on my iPad2

    I want to create a slideslow using selected photos (not all photos) from the photos that I've imported to my iPad.  Can you tell me how to do this?

  • Import/Export from Unix

    hi, there, i just got a problem in exporting my database from unix. the account that i got is from my client, and so i can login as a regular user only. my story is, i'm now using unix to access the oracle, but i can't do any exporting action, i got

  • TabNavigator - How to change what happens when a user clicks a tab

    I am using a TabNavigator in my Flex application and I'd like to be able to change what happens when a user clicks a tab on the TabNavigator. I'd like to be able to handle the click on the tab myself and stop Flex from perfoming it's default actions.

  • Scorecard Time Conversion Issues

    Hi - I'm having an issue with getting the right calculation for the latest year (to date) for a monthly metric with the following 3 values.  This is with 3/31/2010 selected for the 'As Of' date in the scorecard, and the metric has the time conversion