[EMAIL PROTECTED] wrote: > Hi, > >> The next stage of Radius is using it to secure my Wireless network. I'm >> fairly sure EAP-TLS is Certificate based, and EAP-MD5 has to do with >> using an MD5 Has as a "Shared Secret" >> >> But, I don't completely understand PEAP, and how it relates to MS-CHAP v2. >> > > before implementing a broken system I recommend that you purchase and > read a book called 'Wi-Foo' . this will help you understand all of these > protocols and methods. > > alan > - > > I wouldn't call what I've done so far a "broken system" (My MS-CHAPv2 VPN system works.)
Basically the idea is that I need the Wireless Nodes (XSupplicant) to be able to talk on the network and authorize connections. But these need to be Host based, not user based. Because the NSS stuff comes from LDAP. and PAM comes from Kerberos. So, I think that the host needs to be authenticated before the users can actually "Log in". The thing is, I'm not sure how the Aironet 340 does Radius. Can the use of EAP be voluntary at first to assure it works? (Clear Clients still working.) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html