FreeRadius and WPA2-Enterprise machine authentication - With Active Directory interconnection..
Tim Reimers
treimers at ashevillenc.gov
Thu Dec 11 21:16:41 CET 2014
Hi everyone -
I'm trying to design something here that I'm sure has been done before, but AFAIK, it crosses through a few different howto documents, and
being new to this, I'm just not certain that I have pieced together all the relevant HOWTo docs and not missed a
point at which the design won't communicate the needed information.
The plan is to authenticate wireless users AND their computers. (so that a user cannot BYOD to the secure network; only laptops joined to the domain will work)
I know that WPA2-Enterprise is what I need, to be able to have rotating keys, use Radius for authentication, etc.
I know that WPA2-Enterprise requires certificates to validate the machines
I already have a Microsoft CA server running in my AD environment, with the GPO needed to push out workstation certificate enrollment
and so on, for other applications.
My question is -
Can FreeRadius (3.0.1) on centos 7
be configured to do the machine authentication using certs from the Microsoft CA server?
Meraki is the wireless infrastructure, if that helps.
Thanks, Tim
More information about the Freeradius-Users
mailing list