wireless identity validation problem


This topic contains 12 replies, has 0 voices, and was last updated by  nrandom 11 years, 8 months ago.

  • #40652

    nrandom
    Member

    I am using Paul Taylor’s document for configuring wireless and Windows clients.

    I have followed his document to the letter. However, when I try to connect with a Windows XP client I get the message ‘validating identity’ for about 2 minutes. Then I receive an error message saying it cannot find a certificate.

    Has anyone else seen this? Has anyone solved this and how did you do so?

    thanks for the help
    noemi

    #45461

    nrandom
    Member

    Turned out the notebooks had an OS problem. It now validates.

    #45462

    msanders
    Member

    I am also having a ‘validating identity’ problem, could you please tell me what your problem was, maybe I have the same.

    My setup is:

    Linksys WRT54G with Linksys own firmware (latest) Version 1

    Separate firewall, Linksys on a separate network from ZeroShell

    I have followed Paul Taylor’s document line by line, I am just not sure what is wrong. I have also tried different laptops with different wireless cards thinking it is hardware, and still no.

    Appreciate any pointers, I have been spending countless hours and no result, I need some fresh ideas.

    Thanks,
    Mike

    #45463

    nrandom
    Member

    What I found was that Windows wireless setup was generating another configuration after I finished mine. It did not show up until I tried to connect for the first time.

    Then when I opened wireless properties I saw that I had two configurations for the same ESSID.

    The fix was to keep the one autogenerated by Windows (it was in all caps) and remove the one I set up.

    Also, in the wireless properties Authentication tab, Windows was defaulting to smart card for authentication even though I chose certificates.

    Hope this helps. I know your frustration!

    #45464

    msanders
    Member

    Thanks for response.

    Well, it doesn’t seem to be my problem. If I just got an error, that would be something, it just keeps saying ‘validating identity’ forever. I wonder if it is the firmware? Or the fact that it is on a different network. I opened all ports between the Linksys router IP and the ZeroShell IP.

    Anyone, any idea? I have wiped and re-tried ZeroShell multiple times, I have reset the router, I have done all I could think of. I am willing to put DD-WRT on, if someone thinks that would help. Maybe if someone has gotten it to work with the default Linksys router, they could share their experience. Also if you’re running your router and ZeroShell on different networks, maybe you could also help there.

    Thanks in advance,
    Mike

    #45465

    imported_fulvio
    Participant

    Have you checked the radiusd log?

    #45466

    msanders
    Member

    After activating logs under log menu, I go to logs, radiusd section, and it says “Ready to process requests.”

    But I don’t see anything else, I press refresh and nothing. Do I have to activate anything else to see more logs?

    Now I am wondering if I am connecting to the RADIUS server from the router?

    Any way I can test these connections? My laptop is on the same network as my Linksys router and I can ssh from the laptop to ZeroShell, so that tells me they can talk to each other since I opened all ports. Or maybe the problem is laptop to router. I wish I would get some kind of error here.

    Thanks,
    Mike

    #45467

    imported_fulvio
    Participant

    Have you correctly configured the Access Point IP and related Shared Secret in the section [Radius]->[Access Point]?

    #45468

    msanders
    Member

    I have double checked those and it looks fine, the IP is the WRT54G and the 31-character key.

    What I am noticing, which could be the problem, is the Linksys router: every day I come, I cannot log in to it, I had to reboot it, now today, no matter what I do, I cannot log in to it, of course no resets yet. I think either the router or the firmware is a problem, since I have already reset it enough times, it is time for DD-WRT, I will give that one a chance, it cannot be worse than Linksys own firmware. If at that point it acts crazy, then maybe it is time to buy a new router.

    Unless anyone has any other suggestion, I will change the firmware, try again and let everyone know the result which I am hoping to be positive.

    Thanks,
    Mike

    #45469

    msanders
    Member

    Well, I installed DD-WRT, that went well, but it did not work. I tried everything. So I said to myself, what happens if I put both zeroshell and the wrt54g on same network, yes it works.

    So once on the same network, I did netstat and I see what’s established. UDP port 1812 between the WRT54G and ZeroShell. Once they are on separate networks, the same port gets established, but it does not work. So I am out of ideas.

    Maybe someone who has a similar setup with two networks could give me some ideas please. If such a setup is not possible, then I would like to know. I could always put ZeroShell on the blue network, which is my wireless network. Right now ZeroShell is on the green network.

    Maybe someone could answer this: Is it possible to have them on separate networks?

    Thanks in advance for any info,
    Mike

    #45470

    imported_fulvio
    Participant

    I think that between the RADIUS server and your access point there is a NAT router. If so, you must associate the shared secret in the access point list with the IP address of the NAT router. This is because the access point contacts the RADIUS server with a masquerade IP.

    Regards
    Fulvio

    #45471

    msanders
    Member

    Well, I looked over everything. If I understood you correctly, my setup is:

    zeroshell: green network: 192.168.1.230 gateway 192.168.1.1
    Accesspoint: Blue network: 192.168.1.240 gateway 192.168.2.1

    Blue can ssh to ZeroShell, the firewall shows that only these two IPs are trying to talk to each other. UDP port 1812

    I am also posting to the IPCop forum to see if anyone over there has any ideas.

    I was reading more and it seems to be normal for people to put both on different networks, actually recommended.

    I have put holes in the firewall everywhere, nothing seems to work. Could it have anything to do with some kind of route I have to set up?

    Thanks again,
    Mike

    #45472

    imported_fulvio
    Participant

    From the section [Radius]->[Access Point] you must add the IP 192.168.1.1 (IPCop NAT firewall) with the shared secret of the accesspoint.
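
The mechanism behind Fulvio's two replies above, as an added example that is not part of the original thread or ZeroShell's own code: a RADIUS server selects the shared secret by the source IP it sees, and RFC 2865 requires it to silently discard requests from addresses it has no secret for, so a NAT in the path produces a hang rather than an error. The IP addresses are the ones quoted in the thread; the secret, user name and function names are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

AP_IP, NAT_IP = "192.168.1.240", "192.168.1.1"  # addresses quoted in the thread
SECRET = b"constructed-example-secret"           # constructed, not from the thread
MESSAGE_AUTHENTICATOR = 80                       # RFC 3579, required alongside EAP


def build_access_request(secret: bytes, user: bytes, ident: int = 1) -> bytes:
    """Build an Access-Request signed with HMAC-MD5 keyed by the shared secret."""
    attrs = struct.pack("!BB", 1, 2 + len(user)) + user  # User-Name attribute
    attrs += struct.pack("!BB", MESSAGE_AUTHENTICATOR, 18) + bytes(16)
    header = struct.pack("!BBH", 1, ident, 20 + len(attrs))  # code 1 = Access-Request
    packet = header + os.urandom(16) + attrs  # 16-byte Request Authenticator
    mac = hmac.new(secret, packet, hashlib.md5).digest()
    return packet[:-16] + mac  # overwrite the zeroed Message-Authenticator value


def handle_request(clients: dict, src_ip: str, packet: bytes) -> str:
    """Server-side decision, keyed on the source IP the server actually sees."""
    secret = clients.get(src_ip)
    if secret is None:
        return "dropped: unknown client"  # no reply at all is sent to the AP
    # Message-Authenticator is the last attribute in packets built above.
    expected = hmac.new(secret, packet[:-16] + bytes(16), hashlib.md5).digest()
    if not hmac.compare_digest(packet[-16:], expected):
        return "dropped: bad Message-Authenticator"
    return "accepted for EAP processing"


def simulate(clients: dict, nat_in_path: bool) -> str:
    """Send one request from the AP; masquerading rewrites its source address."""
    packet = build_access_request(SECRET, b"constructed-user")
    seen_ip = NAT_IP if nat_in_path else AP_IP
    return handle_request(clients, seen_ip, packet)


if __name__ == "__main__":
    print(simulate({AP_IP: SECRET}, nat_in_path=False))   # same network
    print(simulate({AP_IP: SECRET}, nat_in_path=True))    # NAT, AP's IP registered
    print(simulate({NAT_IP: SECRET}, nat_in_path=True))   # NAT, router's IP registered
```

Both drop cases leave the access point waiting for a reply that never comes, which on the client shows up as an endless ‘validating identity’.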

    #45473

    msanders
    Member

    Well, good news, it worked. The problem was so easy; I am so ashamed of not seeing it earlier. It was not ZeroShell at all. So everything is normal, like the document said. The problem was that the Linksys router has 3 MAC addresses coming out of it. One of them is LAN. In DD-WRT, it shows them clearly. That one has to be added to my firewall to have access to outside. Everything works perfectly after that.

    So easy, I can’t believe I never saw it.

    Thanks Fulvio for being so patient and trying to solve my problem.

    Mike
