All, So I finally got time to get back to this and it works! Now the only question is whether or not I'm allowing anything that I shouldn't. I'm using the freeradius rpm that came from the centos repo (CentOS 6). It seems like there are quite a few options that are enabled by default. I'm attaching the critical files (sites-enabled/default, sites-enabled/inner-tunnel, eap.conf). Is there anything I should disable to improve security? Thanks! Brian On 05/14/2014 02:24 PM, Alan DeKok wrote:
Brian C. Huffman wrote:
Are there always two levels of EAP in WPA (or WPA2) Enterprise? For TTLS and PEAP, yes. They set up a TLS tunnel between the supplicant and the server. They then send additional data inside of the tunnel.
Where do the "outerID" credentials come from? Is that the wireless station (laptop, phone, etc.) or the access point? It's always the supplicant (laptop, phone, etc.)
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html