need help & advice getting started with freeradius
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Sun Apr 5 23:16:07 CEST 2009
Hi,
> Lol just actually read some stuff on WPA and learnt abit more about EAP. I
> realise now that TTLS does not require client certificates like I previously
> thought only the server. Apologies for this miss understanding. Although I
> do realise now that SecureW2 would be required to give my Windows users the
> ability to access this. Although this may not be to difficult to distribute
> to them I would have to look into these possible issues.
yep - your RADIUS server could be signed by a global CA (verisign, globalsign
etc) so that you dont need to worry about getting your CA onto random
laptops etc (I still say a closed-loop system where your RADIUS server
is verified by your own CA may lead to more secure system). for dealing
with plain text passwords, EAP-TTLS gives you easier admin time - though
more effort for the client - SecureW2 and OpenSEA are choices...
alan
More information about the Freeradius-Users
mailing list