Authorize all/any users for a PEAP, WPA2 enterprise setup

James J J Hooper jjj.hooper at bristol.ac.uk
Thu Oct 27 02:15:43 CEST 2011


On 27/10/2011 00:51, Toby wrote:
> Hi all,
>
> I apologize in advance if this question has been answered previously
> but I have searched extensively and cannot find discussion of this
> particular topic.
>
> What I am wanting to setup, at least initially, is a WPA2 enterprise
> (802.11i) wireless access point that will authorize ANY user (accept
> all credentials/username-password combinations) and thereby provide
> encrypted wireless access as well as confirmation of the access
> point's identity, but not restrict which users can connect.

Your body doesn't mention PEAP, but your subject does. If you have to use 
PEAP i.e. MS-CHAPv2 inner, it's not possible:
http://wiki.freeradius.org/FAQ#How+do+I+permit+access+to+any+user+regardless+of+password%3F

You could perhaps do it with TTLS/PAP.

-James




More information about the Freeradius-Users mailing list