So then it seems to me that my best solution would then be to implement either an EAP-PEAP or EAP-TTLS solution authenticating against either my mysql or my active directory (I've been reading the ntlm authentication through samba, and it's not something hard to set up). This way I can have server-side certificates only and have the users login with their usernames and passwords. What would, in your opinion, be better? TTLS or PEAP? Also, if I had a laptop for school-only use (say, for example, a laptop that we provide for the users), in this case the wireless connection would ned to be establish without user input (for example, have he machine connected already so that the user can log into the machine through windows). Could I then still use either of these methods (and generate a client cert to log in), or should I implement a different solution? Thanks, German Kalinec A.L.M.Buxey wrote:
Hi,
responsibility entails). A quick question, however, would this be just as eay to set up on a Macintosh? (since many of my supplicants will be macs..)
Macs are very friendly with wireless (well, if its OSX 10.3 and higher anyway). you can configure them to match the PC method - EAP-PEAP or go via EAP-TTLS with MSCHAPv2 internal tunnel etc
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- View this message in context: http://www.nabble.com/a-freeradious-wireless-solution-for-a-school-tf3036221... Sent from the FreeRadius - User mailing list archive at Nabble.com.