Pfsense as WPA2 Enterprise Client

tec

Hi does Anyone now how to SetUp PFsense as a WPA2 Client with Certificates?
Maybe with writting directly in a conf file?

Regards

tec

So after searching a little bit i was able to use PFsense as an Wpa2 Enterprise Client with EAP TTLS.
The configuration file for the wpa_supplicant_ath0.conf which was provided by the university was the following:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1
network={
        ssid="TUD"
        proto=WPA2
        key_mgmt=WPA-EAP
        eap=TTLS
        anonymous_identity="anonymous"
        identity=".ichbins.hrz.tu"
        password="das ist mein Password"
        ca_cert="/etc/tmp/tud.pem"
        phase2="auth=PAP"
}

However the Problem with this Approach is, that if i Click on the Status->interface->Wan (release/renew) button it will take the Parameters from config.xml.
Adding the following tags to config.xml
<eap>TTLS</eap>
<anonymous_identity>"anonymous"</anonymous_identity>
<identity>".ichbins.hrz.tu"</identity>
<password>"das ist mein Password"</password>
<ca_cert>"/tmp/tudcerts.pem"</ca_cert>
<phase2>"auth=PAP"</phase2>

Did not work, could some give me a hint on how to "expand" config.xml for this additional fields, that the generated wpa_supplicant_ath0.conf will match the one provided from the University ?
Regards

hoba

Interesting, maybe these parameters could just be integrated into the gui?