2011/3/24 Phil Mayers <p.mayers@imperial.ac.uk>:
On 03/24/2011 08:37 AM, stasheck wrote:
For WiFi, we are using H3C WX30xx Access Controllers, which try to use EAP, which in turn doesn't provide clear-text password that could be used for cerb exec.
It depends on your EAP methods.
EAP-PEAP/MSCHAP (the only useful EAP method built into windows clients) won't work, as you've discovered; there are no plaintext passwords.
EAP-TTLS/PAP will work fine, but isn't supported on windows without external software.
OK, so maybe I should just scratch this idea? So there's another: some time ago I was in a hotel that granted access to it's WiFi network using one-time user/pass combo, issued on a piece of paper at the reception, valid for 24 hours. Could something like this be done with Freeradius? (and yes, I looked on google and freeradius.org, but I don't even have an idea how this auth mode is called, and frankly I'm not even sure it was 802.1x - all I know is that it worked on my laptop with Win7). /br Stan