Hi,
Are there any open source wireless clients for Windows based (2000 & XP) machines, rather than using what comes with the wireless hardware?
Several. My favourite is at http://www.securew2.com. . Stefan -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
Thanks for the link Stefan. I am having a problem with our wireless clients re-authenticating (non-radius issue I believe) anywhere from a few seconds, to four minutes, to a few hours. The client is NOT moving. This is a simple design of Cisco 1231 APs and laptop/desktop clients. Strange. Also, I am under the understanding that EAP-TLS does NOT require a client side cert, and EAP-TTLS DOES require a client side cert. Is this correct or is my thinking backwards. I am only interested in a server side cert. Scott -----Original Message----- From: Stefan Winter [mailto:stefan.winter@restena.lu] Sent: Friday, December 01, 2006 9:54 AM To: scott@renshawauto.com; FreeRadius users mailing list Subject: Re: (no subject) Hi,
Are there any open source wireless clients for Windows based (2000 & XP) machines, rather than using what comes with the wireless hardware?
Several. My favourite is at http://www.securew2.com. . Stefan -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
Also, I am under the understanding that EAP-TLS does NOT require a client side cert, and EAP-TTLS DOES require a
EAP-TLS requires both server-side and client-side certs. EAP-TTLS requires only a server-side cert. The client-side authentication is performed through an inner TLS tunnel and is usually PAP (but can be any EAP method). Regards, Thibault
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thibault Le Meur wrote:
EAP-TTLS requires only a server-side cert. The client-side authentication is performed through an inner TLS tunnel and is usually PAP (but can be any EAP method).
Several 801.1x/WPA clients can elect _not_ to verify the server's certificate with EAP-TTLS and EAP-PEAP. This allows Man-in-the-middle attacks. - -- ============== +----------------------------------------------+ Martin Gadbois | "Windows might take you from 0 to 60 faster, | S/W Developer | but to go to 100 you need Unix." | Colubris Networks Inc. +----------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFcHE79Y3/iTTCEDkRAmcaAJ4zhaOrgU2eJu+DYjxJ1LeeLj4LRgCgrHfg znf7AG/N0tZsXjiKtEM/XZ4= =Lm4S -----END PGP SIGNATURE-----
Scott Hughes wrote:
I am having a problem with our wireless clients re-authenticating (non-radius issue I believe) anywhere from a few seconds, to four minutes, to a few hours. The client is NOT moving. This is a simple design of Cisco 1231 APs and laptop/desktop clients. Strange.
They may be losing connectivity to the NAS (i.e. wireless problems). When that happens, they re-authenticate.
Also, I am under the understanding that EAP-TLS does NOT require a client side cert, and EAP-TTLS DOES require a client side cert. Is this correct or is my thinking backwards. I am only interested in a server side cert.
Then use TTLS. TLS requires a client cert. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
Alan, I have tested the signal strength possibility and that is not the issue. Either the client or the AP is causing the disconnect / reconnect. This quite frequently results in the user being disconnected from various applications (but not always). Scott -----Original Message----- From: Alan DeKok <aland@deployingradius.com> Date: Fri, 01 Dec 2006 09:50:21 To:scott@renshawauto.com, FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Subject: EAP questions Scott Hughes wrote:
I am having a problem with our wireless clients re-authenticating (non-radius issue I believe) anywhere from a few seconds, to four minutes, to a few hours. The client is NOT moving. This is a simple design of Cisco 1231 APs and laptop/desktop clients. Strange.
They may be losing connectivity to the NAS (i.e. wireless problems). When that happens, they re-authenticate.
Also, I am under the understanding that EAP-TLS does NOT require a client side cert, and EAP-TTLS DOES require a client side cert. Is this correct or is my thinking backwards. I am only interested in a server side cert.
Then use TTLS. TLS requires a client cert. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
participants (5)
-
Alan DeKok -
Martin Gadbois -
Scott Hughes -
Stefan Winter -
Thibault Le Meur