802.1x Issue

Arran Cudbard-Bell a.cudbardb at freeradius.org
Mon Dec 3 18:30:07 CET 2012


On 3 Dec 2012, at 17:17, Brekler Custodio <brekler88 at hotmail.com> wrote:

> 
> > i'll repeat what was already said in this thread:
> > 
> > 
> > "Old Windows systems need an extra supplicant to do other forms of EAP such as EAP-TTLS/PAP - eg open1X or SecureW2 - Windows 8 now natively supports such EAP methods "
> 
> Ohhh now i understand what you mean. good to know.
> 
> 
> > your level of success with such 3rd party supplicants will be mixed and varied...sometimes
> > it wont install, sometimes it has issues with the wireless drivers.
>  
> So would you recommend ? Your opinion above looks like you wouldnt do that, since it may not work. Kinda complicated, since we are an university, and need to work with everyone.

1) Setup a conversion portal where users can get their passwords rehashed into NT4-Password format, store those passwords in a database or LDAP directory.

2) Buy the cloudpath client, or use one of the other desolvable clients, use it to configure the native windows supplicant.

3) Hire someone who knows what they're doing to fix broken supplicant issues on your help desk.

In my experience if you do those three things you will minimise the seathing hatred of your users. If you implement eduroam so they can get on Facebook at other Universities then they might even like you a bit, once they realise what it's for.

-Arran


More information about the Freeradius-Users mailing list