Conf PEAP

Danner, Mearl jmdanner at samford.edu
Thu Dec 18 15:49:18 CET 2008


> -----Original Message-----
> From: freeradius-users-
> bounces+jmdanner=samford.edu at lists.freeradius.org [mailto:freeradius-
> users-bounces+jmdanner=samford.edu at lists.freeradius.org] On Behalf Of
> Martin Silvero
> Sent: Thursday, December 18, 2008 8:31 AM
> To: freeradius-users at lists.freeradius.org
> Subject: Re: Conf PEAP
> 
> >- and how, exactly, does the EAP tunnel get set up if you dont
> >have a common certificate to enable such a construct?  you've got
> >to have a CA - and, if done properly, you've got to have the validate
> >check as well!
> 
> 
> Suppose a person who comes from outside the company, and wants to
> connect to my network, do not have the certificates.
> through PEAP can I give you access with a username and password
> without install certificates?
> 
> What I suggest?

We opted to purchase a Verisign cert for our FreeRadius server. Verisign
is recognized as a trusted root by most OS's. There are less expensive
certs available, but you'll definitely need a commercial cert to address
your concerns.

Mearl

> 
> ()
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list