Windows WPA

Guy Davies aguydavies at gmail.com
Fri Dec 23 20:09:13 CET 2005


I have to admit that I'm using a paid for client (Funk Odyssey).  It's very
good but at around £25 to £30 per seat (depending upon numbers) it isn't
cheap.

SecureW2 used to be free and was very good.  I seem to remember them going
open source but I've not really investigated that product in a while.

I would say that the time taken to correctly configure the client is no
different than the windows supplicant.  It generally takes me a couple of
minutes a seat to configure a user with EAP-TTLS/PAP against a RADIUS server
with existing LDAP links to an AD server.  I'd also have to specifically
identify the CA Certificate that the client should use to authenticate the
RADIUS server's certificate.  So I don't consider that an extra cost.

Rgds,

Guy

On 22/12/05, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
>
> Guy Davies wrote:
> > The other alternative is to use a third party 802.1x supplicant with a
> > decent GINA module.  This behaves *exactly* as you want.  It accepts the
> > users' credentials at the windows login, stops the windows login
> process,
> > logs the user into the network, then returns control to windows to login
> the
> > user to the AD.  I've been doing this with EAP-TTLS/PAP to an AD backend
> > with LDAP (no NTLM :-) for a while.
>
> Sure, though there's typically cost (sometimes money, sometimes just
> time) and of course the need for custom software there.
>
> Are you using a for-pay one, or are they any good free ones these days?
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051223/6b52778f/attachment.html>


More information about the Freeradius-Users mailing list