--On 31 December 2009 10:08 -0500 Philippe Hanset <[email protected]> wrote:
Diana, The info on the outer tunnel will always be un-encrypted for tunneled EAPs (EAP-TTLS, EAP-PEAP, EAP-TLS, EAP-FAST...). What you want is to be able to configure the supplicant to send "anonym...@realm" as the outer tunnel identifier. 802.1x doesn't need a valid username for the outer tunnel to function properly. In most supplicants (whether native OS or not) you can define the identity of the outer tunnel. Has anyone found an easy way to define the outer tunnel identity for the native Microsoft supplicant? (we haven't found one so far) If you plan to use "eduroam" in the near future, be aware that anonymous will work, but the realm will be important for eduroam-routing purposes (eg: anonym...@yourdomain will have to appear on the outer tunnel) Best 2010, Philippe Univ. of TN
Hi All, Happy New Year! Although only for Win7: <http://blogs.msdn.com/eapteam/archive/2009/01/16/peap-identity-privacy-support-in-windows7.aspx> We are using this with our Win7 eduroam clients. Regards, James -- James J J Hooper Network Specialist Information Services University of Bristol http://www.wireless.bristol.ac.uk http://www.jamesjj.net -- ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
