Hi,
I'm introducing 802.1x and the time has now come to Porteus Kiosk.
I have made a new installation with 4.7.0 and entered username and password.
But it seems that porteus is very limited in terms of EAP methods.
As far as i have figured out it only support EAP-TTLS/PAP. Can someone verify that or correct me?
Is there a way to make it use EAP-PEAP / EAP-MSCHAPv2?
Br,
Thomas
802.1x wired
Forum rules
Porteus Kiosk section of the forum is unmaintained now. Its kept in a 'read only' mode for archival purposes.
Please use the kiosk contact page for directing your queries: https://porteus-kiosk.org/contact.html
Porteus Kiosk section of the forum is unmaintained now. Its kept in a 'read only' mode for archival purposes.
Please use the kiosk contact page for directing your queries: https://porteus-kiosk.org/contact.html
- fanthom
- Moderator Team
- Posts: 5667
- Joined: 28 Dec 2010, 02:42
- Distribution: Porteus Kiosk
- Location: Poland
- Contact:
Re: 802.1x wired
Hi Thomas,
"As far as i have figured out it only support EAP-TTLS/PAP. Can someone verify that or correct me?"
Correct
"Is there a way to make it use EAP-PEAP / EAP-MSCHAPv2?"
As far as i know this method requires certificate to work? If yes the it will be more complicated to get it working properly as cert may expire and without network access you wont be able to update it easily.
The only way would be to load a new cert from the usb stick (which means that custom build would be required).
"As far as i have figured out it only support EAP-TTLS/PAP. Can someone verify that or correct me?"
Correct
"Is there a way to make it use EAP-PEAP / EAP-MSCHAPv2?"
As far as i know this method requires certificate to work? If yes the it will be more complicated to get it working properly as cert may expire and without network access you wont be able to update it easily.
The only way would be to load a new cert from the usb stick (which means that custom build would be required).
Please add [Solved] to your thread title if the solution was found.
Re: 802.1x wired
Yes, and no.fanthom wrote: ↑17 Jan 2019, 15:08"Is there a way to make it use EAP-PEAP / EAP-MSCHAPv2?"
As far as i know this method requires certificate to work? If yes the it will be more complicated to get it working properly as cert may expire and without network access you wont be able to update it easily.
The only way would be to load a new cert from the usb stick (which means that custom build would be required).
If set up correct, a host name and a CA should be defined. Then you can update radius cert as you see fit as long as the CA and host name is the same.
I believe Porteus base is centos. If I can make 802.1x work on a standard centos, is it possible to alter the iso?
Br
Thomas
- fanthom
- Moderator Team
- Posts: 5667
- Joined: 28 Dec 2010, 02:42
- Distribution: Porteus Kiosk
- Location: Poland
- Contact:
Re: 802.1x wired
I'm sorry but i dont understand the concept (I thought when cert is not available or expires then network connection cant be established?)
Anyway - feel free to customize the ISO and make it working the way you want:
https://porteus-kiosk.org/kiosk-customization.html
Thanks
Anyway - feel free to customize the ISO and make it working the way you want:
https://porteus-kiosk.org/kiosk-customization.html
Thanks
Please add [Solved] to your thread title if the solution was found.