Hi, > Lol just actually read some stuff on WPA and learnt abit more about EAP. I > realise now that TTLS does not require client certificates like I previously > thought only the server. Apologies for this miss understanding. Although I > do realise now that SecureW2 would be required to give my Windows users the > ability to access this. Although this may not be to difficult to distribute > to them I would have to look into these possible issues.
yep - your RADIUS server could be signed by a global CA (verisign, globalsign etc) so that you dont need to worry about getting your CA onto random laptops etc (I still say a closed-loop system where your RADIUS server is verified by your own CA may lead to more secure system). for dealing with plain text passwords, EAP-TTLS gives you easier admin time - though more effort for the client - SecureW2 and OpenSEA are choices... alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
