Hi, I've got a couple of Wi-Fi APs that support "802.1X" (3Com 7760), so I want to configure them to authorize client connections based on user information stored in an LDAP server (Fedora Directory Server, all users already have "samba" type password hashes).
My first question for the list, to which I haven't been able to find a clear answer ever is : What EAP sub-types are the ones I should configure? My requirements : * Be able to have many different types of clients supported (Windows XP, GNU/Linux wpa_supplicant/NM, mobile devices etc.). * Not to have to bother about a local CA or any type of PKI (i.e. not generate certificates for all users, just have them user their login/pass). I used to have a working EAP-PEAP setup, with MSCHAPv2 IIRC, the current LDAP server and a Linksys AP. Unfortunately that setup is no more and I need to reconfigure one from scratch. Should I go with EAP-PEAP? Is that the "PEAPv0/EAP-MSCHAPv2" from the wiki? I also store md5 passwords in my LDAP server, is there any other simpler way to configure access using those instead of the LM/NT passwords? (my understanding is that... nope) Sorry for all of these possibly silly questions, it's just that the more docs I read to try and implement what I need, the more I feel lost (which isn't a very good sign). TIA for any help, Matthias -- Clean custom Red Hat Linux rpm packages : http://freshrpms.net/ Fedora release 9 (Sulphur) - Linux kernel 2.6.26.5-45.fc9.x86_64 Load : 0.57 0.52 0.60 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
