Pfsense as WPA2 Enterprise Client



  • Hi does Anyone now how to SetUp PFsense as a WPA2 Client with Certificates?
    Maybe with writting directly in a conf file?

    Regards



  • So after searching a little bit i was able to use PFsense as an Wpa2 Enterprise Client with EAP TTLS.
    The configuration file for the wpa_supplicant_ath0.conf which was provided by the university was the following:
    ctrl_interface=/var/run/wpa_supplicant
    ctrl_interface_group=0
    eapol_version=1
    ap_scan=1
    fast_reauth=1
    network={
            ssid="TUD"
            proto=WPA2
            key_mgmt=WPA-EAP
            eap=TTLS
            anonymous_identity="anonymous"
            identity=".ichbins.hrz.tu"
            password="das ist mein Password"
            ca_cert="/etc/tmp/tud.pem"
            phase2="auth=PAP"
    }

    However the Problem with this Approach is, that if i Click on the Status->interface->Wan (release/renew) button it will take the Parameters from config.xml.
    Adding the following tags to config.xml
    <eap>TTLS</eap>
    <anonymous_identity>"anonymous"</anonymous_identity>
    <identity>".ichbins.hrz.tu"</identity>
    <password>"das ist mein Password"</password>
    <ca_cert>"/tmp/tudcerts.pem"</ca_cert>
    <phase2>"auth=PAP"</phase2>

    Did not work, could some give me a hint on how to "expand" config.xml for this additional fields, that the generated wpa_supplicant_ath0.conf will match the one provided from the University ?
    Regards



  • Interesting, maybe these parameters could just be integrated into the gui?


Log in to reply