PEAP and MSCHAPv2

  • FreeRADIUS package configuration:
    • Configure an interface in FreeRADIUS > Interfaces
    • Create a CA-Certificate and a Server-Certificate. Choose AZTCO-FW Cert-Manager or FreeRADIUS Cert- Manager but never use the default certificates which come with FreeRADIUS after package installation!
    • Select the certificates in FreeRADIUS > EAP. If FreeRADIUS as Cert-Manager is selected then nothing needs changed. If AZTCO-FW Cert-Manager was chosen, then it must be enabled there and the certs must be chosen from the pulldown menu. Click Save.
    • Add the WLAN-AccessPoint in FreeRADIUS > NAS/Clients
    • Add a username/password in FreeRADIUS > Users
  • WLAN Access-Point Configuration:
    • Change the wireless encryption to WPA-Enterprise or better WPA2-Enterprise with TKIP or better
  • WLAN Device (Supplicant) Configuration:
    • Some devices can autoconfigure the Authentication- and Encryption-Method. If not choose PEAP as encryption and MS-CHAPv2 as Authentication.
    • Connect to WLAN AccessPoint and the client will be prompted for username and password
    • Some devices auto-accept the CA-Certificate as valid. Often this CA-Certificate will first need to be accepted. This is the certificate created on AZTCO-FW.

The most part of the “command line action” which is done in these tutorials can be done from FreeRADIUS GUI.

© Copyright 2025 . All Rights Reserved. AZTCO-FW| Developed By AZTCO-FW. Powered by AZTCO.