Hi,... Am Donnerstag, den 16.07.2009, 08:27 +0200 schrieb Stefan Winter:
Your bet is correct: WPAx-PSK does not consult a RADIUS server at all. One PSK is for the whole SSID, there is not usually a PSK-per-user. So
Thanks, i wanted to get sure about that.
how did you do that with hostap; have one SSID for every MAC, and one PSK associated to it?
No, one (1) SSID and for every MAC a different PSK. For that, hostapd can read a file with pairs of "$MAC $PSK". (option: "wpa_psk_file=/path/to/hostapd.wpa_psk")
If you want individual keys per client, WPAx-Enterprise with 802.1X authentication is the commodity way. If your users get confused with the certs, either create a pre-configured site deployment of your supplicant which sets stuff up for them (exists for many supplicants)
Can you please provide some keywords or maybe links for that? Seems that i use wrong seach terms, because i found nothing real usable. Thanks!
or educate your users until they get it.
This is may be the hardest part. ;-) best regards -- Stefan Jensen <sjensen@versanet.de>