EAP-TTLS/EAP-TLS with freeRADIUS
Mr Dash Four
mr.dash.four at googlemail.com
Sun Nov 27 00:49:09 CET 2011
>> so it is, you can only protect your AP client with the shared secret key.
>>
>
> Not necessarily. If the switch to which the WAP is connected supports
> 802.1x, it could act as a NAS and authenticate the WAP with EAP/TLS.
>
By WAP I take it you mean the wireless client, right? If so, this is
indeed the case - the client will be a Linux-based device with
wpa_supplicant and a driver which supports nl80211/cfg80211, so I can
configure - at least on the client's part - EAP-TTLS/EAP-TLS
authentication. My aim is to do the same on AP and RADIUS, which is the
point of actually starting this thread as my "experience" with RADIUS is
nil.
More information about the Freeradius-Users
mailing list