On 09/14/2010 11:53 AM, Esteban TALAVERA wrote:
Thanks
Is an autonomous AP.
I'll try Freeradius+MySql+EAP-TLS schema.
Huh? What's that?
As has been pointed previously you must have a server cert if you're
doing TLS.
In addition the server cert should be signed by a trusted CA and the
supplicant should validate the cert (anything less would be a ridiculous
security risk).
No amount of fudging the server configuration is going to magically
modify the fundamental requirements of TLS. If you don't want to set up
a server cert forget about supporting PEAP, EAP_TLS, etc. (which means
most Windows clients will not work).
--
John Dennis <[email protected]>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
