FreeRADIUS3 OTP and WiFi
-
Hello,
I am using RADIUS for my WiFi network. It works fine with a username and password. EAP-PEAP with MSCHAPv2 works fine with my phones (iPhone, Android), tablets (iPad, Android) and my laptop (Debian GNU/Linux).
I did notice OTP. Is it possible to use OTP with WiFI?
Maybe this question is a bit odd, as the password keeps changing. I did test EAP-PEAP MSCHAPv2 and GTC to see if my phone authenticates once - just as a test - but it fails.
GTC results in "EAP sub-module failed" and MSCHAPv2 results in "No NT/LM-Password".
Any ideas if this is feasible? Or if something similar works better? Thanks.
-
So why would you want to make your life so difficult? Who are the clients to access said wireless network?
Why not just lock down who can access with eap-tls? Ie use a cert..
-
I'm just curious if something like this is possible. But I think you are right :-)
-
Just because freerad supports such a thing - why would you think connecting to wifi network would.. Does your AP support such a model? With OTP to auth to the wifi network?
-
@johnpoz I just added my Ruckus R500 under "NAS / Clients" using a client shared secret and configured a test network on my access point.
Authentication of the WiFi users is done by FreeRADIUS based on a username and password. It's just out of curiosity to see if OTP would work instead of a password.
-
I guess it could replace the password with the otp... But that would really be such a pain the ass... What happens when wifi drops or something and you need to reauth.