RE: WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?

2011-07-27 Thread Osborne, Bruce W
: Tuesday, July 26, 2011 5:03 PM Subject: Re: WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates? Hmm... Does the esoteric Windows required criteria (extendedKeyUsage=1.3.6.1.5.5.7.3.1 or somewhere thereabouts) :) also work to allow macosx to not require network validation though even

Re: [WIRELESS-LAN] WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?

2011-07-26 Thread Travis Schick
Hmm... Does the esoteric Windows required criteria (extendedKeyUsage=1.3.6.1.5.5.7.3.1 or somewhere thereabouts) :) also work to allow macosx to not require network validation though even for just win7+ I should see if its possible to get such a cert via incommon... Travis On Mon, Jul 25,

Re: [WIRELESS-LAN] WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?

2011-07-25 Thread Travis Schick
It sounds like you want to use an ssl certificate for PEAP - that won't generate a prompt to the user asking to trust said cert. Unfortunately I don't think that is possible (unless you disable checking as you mentioned) - without having someone installing (trusting) the cert ahead of time.

Re: WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?

2011-07-25 Thread Eric W. LaCroix
I am out of the office until Monday 8/1. If you are looking for technical support please email t...@newhampton.org or call 603-677-3454. Thanks! ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at

Re: [WIRELESS-LAN] WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?

2011-07-25 Thread Jeff Kell
On 7/25/2011 3:02 PM, Travis Schick wrote: The problem as I understand it - is that without having a network connection - you are unable to verify the server presenting the certificate to you - you need to trust it first - and for win7/macosx the default is to prompt the user. If the

RE: [WIRELESS-LAN] WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?

2011-07-22 Thread Ayres G.J.
Hi, I'm aware of the XpressConnect option to plug-and-play a connection configuration, but they are really beyond our budget at this point in time. At Swansea University (UK) we use the SU1X tool to distribute and install a self-signed cert for our windows users as well as configure their

WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?

2011-07-21 Thread Jeff Kell
We are finally planning a WPA2 rollout after years of procrastination (or more truthfully, finally having some time to devote to the task...) We have Aruba, passing through Bradford, with Radius supplied by Radiator, and authenticating NTLM to Active Directory (Win2K8). With just a self-signed

Re: [WIRELESS-LAN] WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?

2011-07-21 Thread Julian Y Koh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu Jul 21 14:37:48 2011 Central Time, Jeff Kell jeff-k...@utc.edu wrote: Has anyone been there/done that with a 3rd party certificate / non-IAS/NPS solution? We've used Verisign and now InCommon/Comodo certs with Steel Belted RADIUS running