Hi, > Oh and by broken I mean windows XP type broken, as in will only attempt > TLS authentication broken... and sends the username and password a user > logged into the machine with by default broken... and so can never work > out of the box broken.
FWIW, an unconfigured Windows XP box will not send anything on EAP-TLS for either wired or wireless either - as it needs to have a private certificate or smartcard. both of which are absent. only if you do a quick change of that default entry to make it PEAP will the next broken bits appear (use windows login/password for authentication etc) no. the only sane way is to provide an open wifi connection which is a walled garden under which they can read onfig docs or install a nice configurator program to set their wifi up properly > and were assuming people running linux are clever enough to setup x > supplicant without support :) if they can get their wifi drivers compiled and running, configuring wpa_supplicant is easy! PS dont forget folks that wpa_supplicant also works on the wired interfaces on linux too....so dot1x on wired is 'trivial' with linux alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
