On Wed, 2007-04-04 at 22:16 +0100, Arran Cudbard-Bell wrote: > Is it really just as simple as creating the certificate, signing it with > the right extensions, installing the proper rootCA on the windows > machines , and configuring the windows supplicant correctly ? > Pretty much. As long as you have the proper IP address for the AP in your clients.conf, which was my particular stupidity :) Still, it seems to work for me. > Which would be > > In authentication tab > Enable IEEE 802.1x authentication for this network > Setting EAP Type to PEAP > > In properties > Validate server certificate > Authentication method EAP-MSCHAP v2 > Checking the Root CA the certificate was signed with . > > In Configure > Automatically use my windows logo name and password unchecked. > I am using both client and server certificates, so the logon and password is not currently needed -- for me.
-- Ian Truelsen s/v Sting Email: [EMAIL PROTECTED] AIM: ihtruelsen MSN: [EMAIL PROTECTED] Google Talk: [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html