EAP-TLS

  • AZTCO-FW configuration:
    • Create a CA, a Server-Certificate and a Client-Certificate. Using System > Cert Manager is recommended.
  • FreeRADIUS configuration:
    • Create an interface, add a NAS/Client and create a user. For this example, use myuser as username and mypass as password.
  • The EAP default options are working.
    • Using AZTCO-FW Cert-Manager and selecting the CA and the server certificate is recommended.
    • Leave the password field empty
    • Download the CA.crt – not the key – from System > Cert Manager, CAs tab and Client .p12 from System > Cert Manager, Certificates tab
  • Client requires a password on the .p12
    • If a client will not load the .p12 without a password on it, and entering a space as the password does not work, add a password with openssl.
    • Download the user certificate and key instead of the .p12 and, together with the CA certificate, use the following command:
    • openssl pkcs12 -export -certfile ca.crt -in user.crt -inkey user.key -out user.p12
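
The export step above as an added example (not part of the original documentation): it builds a throwaway CA and user certificate in place of the files downloaded from Cert Manager, sets the .p12 password non-interactively from a file, and checks that the bundle opens only with that password. The function names, subject names and passphrase are constructed for the demonstration.

```shell
#!/usr/bin/env bash
# Added example. File names, subjects and the passphrase are constructed.

# Build a throwaway CA and user certificate (stand-ins for the Cert Manager
# downloads), then export a password-protected user.p12. Prints the work dir.
make_p12_demo() {
    workdir=$(mktemp -d) || return 1
    (
        cd "$workdir" && umask 077 &&
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=Demo CA" -keyout ca.key -out ca.crt &&
        openssl req -newkey rsa:2048 -nodes -subj "/CN=myuser" \
            -keyout user.key -out user.csr &&
        openssl x509 -req -in user.csr -CA ca.crt -CAkey ca.key \
            -CAcreateserial -days 1 -out user.crt &&
        # Password comes from a mode-0600 file, so it never shows up in the
        # process list or shell history.
        printf '%s\n' 'constructed-demo-passphrase' > pass.txt &&
        openssl pkcs12 -export -certfile ca.crt -in user.crt -inkey user.key \
            -out user.p12 -passout file:pass.txt
    ) >/dev/null 2>&1 || { rm -rf "$workdir"; return 1; }
    printf '%s\n' "$workdir"
}

# Succeeds only if the bundle's MAC verifies with the given password source
# (an openssl pass phrase argument such as file:PATH or pass:VALUE).
p12_opens_with() {
    openssl pkcs12 -in "$1" -noout -passin "$2" >/dev/null 2>&1
}

# Number of certificates in the bundle: expect 2 (user certificate + CA).
p12_cert_count() {
    openssl pkcs12 -in "$1" -nokeys -passin "$2" 2>/dev/null |
        grep -c 'BEGIN CERTIFICATE'
}

if [ "${1:-}" = "--demo" ]; then
    dir=$(make_p12_demo) || exit 1
    p12_opens_with "$dir/user.p12" "file:$dir/pass.txt" && echo "opens with password"
    p12_opens_with "$dir/user.p12" "pass:" || echo "rejected with empty password"
    echo "certificates in bundle: $(p12_cert_count "$dir/user.p12" "file:$dir/pass.txt")"
    rm -rf "$dir"
fi
```

Run the script with --demo to see the three checks; with real files, only the final openssl pkcs12 -export line with -passout is needed.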