How to grant some (!) devices access to network but all others have to provide passwords
uj2.hahn at posteo.de
uj2.hahn at posteo.de
Mon Dec 23 18:12:49 CET 2019
Thanks, Alan!
I generated brand new certificates and installed them on one Android
tablet.
But now I'm not sure what the expected use model is:
Can I connect immediately without any credentials or do I have to
provide a valid user/passwd once
and it will be saved forever?
When I try to connect I see the WLAN credential form again (although it
looks different than before).
So I have to enter some valid credential. Then it is saved. Is this the
expected behavior?
What is the expected message in the debug logfile saying everything is
fine with the certificates?
Thanks
Uwe
On 22.12.2019 15:47, Alan DeKok wrote:
> On Dec 22, 2019, at 6:18 AM, uj2.hahn at posteo.de wrote:
>> In a school all devices (students laptops, mobiles, tablets) have to use username/password via Freeradius
>> to get access to WLAN. But there are some well-defined school-owned devices (laptops, tablets) which should
>> connect to WLAN immediately w/o any credentials.
>> Which options do I have to realize that? MAC checks? Certificates?
> If the WiFi is using EAP / 802.1X, then you must use 802.1X for *all* devices.
>
> For school-owned devices, the best way to do this is via certificates. It's (somewhat) difficult to copy the certificate to another machine. If the device is stolen, you can just revoke the certificate.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list