eap-tls on non-domain computers?!
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Fri Oct 5 05:36:05 CEST 2018
> On Oct 5, 2018, at 3:10 AM, Elias Pereira <empbilly at gmail.com> wrote:
>
> hello,
>
> I have an environment with samba4 ADDC and freeradius for eap-tls
> authentication. For computers that are in the domain, eap-tls
> authentication with personal certificate is already working.
>
> I would like to do EAP-TLS authentication for computers that are not in our
> domain, ie private computers, but that the user is part of our domain.
>
> Is there any way to do this via eap-tls?
Yes of course. But you'll need to manually provision the certificates a you cant rely on them being automatically provisioned by AD.
There's lots of information on the internet about configuring EAP-TLS on Windows. It's not really related to FreeRADIUS and out of scope for this list.
-Arran
More information about the Freeradius-Users
mailing list