How to configure openwisp along with freeradius for WPA Enterprise (EAP TLS)

[Sailaja Ungati]

Hi all,

I am trying to integrate freeradius with openwisp so that i can use WPA Enterprise (EAP TLS). I went through the openwisp documentation  and found steps to configure freeradius for WPA(EAP-TTLS-PAP) :
https://openwisp.io/docs/dev/radius/deploy/freeradius_wpa_enterprise.html

But I couldn't found the same for TLS.

Can anyone tell me steps to do so?

Thanks & Regards

Sailaja

[Shubham kumar]

I am also trying to do the same thing.

I enabled the freeradius module with the following content of playbook file:
- hosts: openwisp2 become: "{{ become | default('yes') }}" roles: - openwisp.openwisp2 vars: openwisp2_radius: true openwisp2_freeradius_install: true # set to false when you don't want to register openwisp-radius # API endpoints. openwisp2_radius_urls: true
Then I configured freeradius to use eap-tls by setting default_eap_type=tls and provided the path to server and ca certificates and their respective passwords.
And I also configured both access point as well as station to use wpa3 eap-tls but when station try to verify itself I am getting following error while running freeradius -X:

ERROR: username and password field cannot be left empty. (this is coming from openwisp)

and if I am running only freeradius (without openwisp) then this error is not coming and i am able to authenticate station.

so here problem is wpa3 has to ask for the certificates rather than username and password, then why this error is coming and what is the solution for that.