23 Jun
2015
23 Jun
'15
12:12 p.m.
The SSHA are non reversible and LDAP won't do challenge response for PEAP. So you either need to have them in another encryption method or be limited to EAP-TTLS/PAP Regarding cert. ..and this is very important for TTLS/PAP. The common name is just a name that the clients are configured to check in the applicant properties. Common practice is to use a domain name that makes sense. ...but you can just call it 'networkaccess' if you want.....that'd even work across a proxied link. Use the same cert on both servers. ..its not like secure web where you are tied to DNS and host name mappings. alan