We don't want to install certificates on the clients, but the problem that is given in wikipedia is that anybody can install an access point with the same ssid and a client that would connect with it would give him his MSCHAP encrypted username and password. How easy is it to crack such a password? An authentification wouldn't have happened but the attacker would have had the encrypted usernames and passwords. That is a problem because in my configuration that usernames and passwords are used for the active directory. So is it only secure to connect to the AD when checking the certificates? Or is there another possibility to make it secure without installing certificates?
Best Regards Sebastian Heinrich Techn. DV Aluminium Oxid Stade GmbH 21683 Stade email [email protected] web http://www.aos-stade.de - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
