Using tokens for 802.1x auth
stasheck
stasheck.fora at gmail.com
Thu Mar 24 10:11:29 CET 2011
2011/3/24 Phil Mayers <p.mayers at imperial.ac.uk>:
> On 03/24/2011 08:37 AM, stasheck wrote:
>
>>
>> For WiFi, we are using H3C WX30xx Access Controllers, which try to use
>> EAP, which in turn doesn't provide clear-text password that could be
>> used for cerb exec.
>
> It depends on your EAP methods.
>
> EAP-PEAP/MSCHAP (the only useful EAP method built into windows clients)
> won't work, as you've discovered; there are no plaintext passwords.
>
> EAP-TTLS/PAP will work fine, but isn't supported on windows without external
> software.
OK, so maybe I should just scratch this idea? So there's another:
some time ago I was in a hotel that granted access to it's WiFi
network using one-time user/pass combo, issued on a piece of paper at
the reception, valid for 24 hours. Could something like this be done
with Freeradius? (and yes, I looked on google and freeradius.org, but
I don't even have an idea how this auth mode is called, and frankly
I'm not even sure it was 802.1x - all I know is that it worked on my
laptop with Win7).
/br
Stan
More information about the Freeradius-Users
mailing list