-----Original Message----- From: freeradius-users- bounces+jmdanner=samford.edu@lists.freeradius.org [mailto:freeradius- users-bounces+jmdanner=samford.edu@lists.freeradius.org] On Behalf Of Martin Silvero Sent: Thursday, December 18, 2008 8:31 AM To: freeradius-users@lists.freeradius.org Subject: Re: Conf PEAP
- and how, exactly, does the EAP tunnel get set up if you dont have a common certificate to enable such a construct? you've got to have a CA - and, if done properly, you've got to have the validate check as well!
Suppose a person who comes from outside the company, and wants to connect to my network, do not have the certificates. through PEAP can I give you access with a username and password without install certificates?
What I suggest?
We opted to purchase a Verisign cert for our FreeRadius server. Verisign is recognized as a trusted root by most OS's. There are less expensive certs available, but you'll definitely need a commercial cert to address your concerns. Mearl
() - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html