14 Sep
2010
14 Sep
'10
12:45 p.m.
On 09/14/2010 11:53 AM, Esteban TALAVERA wrote:
Thanks
Is an autonomous AP. I'll try Freeradius+MySql+EAP-TLS schema.
Huh? What's that? As has been pointed previously you must have a server cert if you're doing TLS. In addition the server cert should be signed by a trusted CA and the supplicant should validate the cert (anything less would be a ridiculous security risk). No amount of fudging the server configuration is going to magically modify the fundamental requirements of TLS. If you don't want to set up a server cert forget about supporting PEAP, EAP_TLS, etc. (which means most Windows clients will not work). -- John Dennis <jdennis@redhat.com> Looking to carve out IT costs? www.redhat.com/carveoutcosts/