On Wednesday 07 December 2011 01:26:08 Fajar A. Nugraha wrote:
On Wed, Dec 7, 2011 at 1:15 PM, <michel@casa.co.cu> wrote:
google search and it turns out all the variations I have encountered are implementing freeradius with PEAP TLS and mysql which should generate certificates and then configure the client and in turn install these certificates to the exchange between the server and client.
I was wondering, there is some other simpler way that does not imply that this set up or install certificates on the client side?
PEAP-TTLS, PEAP-MSCHAPv2, PEAP-GTC, etc.
On these setup there's only one certificate: the server. Depending on your OS/supplicant, the client can be set up to ignore the certificate validation, or to have a pop up asking whether they trust the server certicate.
Note that the CLIENT choose which authentication method to use. Setup on NAS (i.e. access point) side is the same.
Well, I have several clients with different operating systems: Windows, Linux, Apple.
Something as simple as putting the username and password.
Once you get pass certificate trust issue, it's a matter of putting username and password.
Hi Fajar Thanks for reply me. If PEAP-TTLS, PEAP-MSCHAPv2, PEAP-GTC works with one certificate on the side of the server, of the three methods what you recomend me to use in the server? Did you have a manual, doc, i can use to setting up the authentication with freeradius with PEAP-TTLS or PEAP-MSCHAPv2 or PEAP-GTC and mysql? Michel