Freeradius + MySql + Wireless Clients without certificates

Alan Buxey A.L.M.Buxey at
Tue Sep 14 21:12:37 CEST 2010


> I agree for the most part.  However, captive portals will still be in
> use for guest access.  There's less administrative and helpdesk overhead
> for this type of deployment.
> On windows machines, the CA/cert trust has to be explicitly enabled.
> This can be a barrier for un-managed and non-employee machines.

so visitors get a nice easy coffee-shop way onto the network whilst
employees have to suffer the wrath of 21 steps of PEAP hell?  nah. thats just not fair.

there are several tools developing nicely which make getting onto
an 802.1X network nice and easy for all people....staff, students or
visitors - eg Cloudpath and su1x - with these, there is no nasty CA/cert trust
for a visitor to deal with. 

and if they cannot get onto the supplied network, then theres always a 
commercial link or 3G dongle option (most modern 'road warriors' have
eg 3G dongle or MiFi in their pocket to avoid stupid wifi charges
at hotels ;-) )


More information about the Freeradius-Users mailing list