You can't prevent someone with a valid certificate logging on (you can revoke it and then that user and whoever has duplicate certificate will not be able to log on). But you can stop unknown mac addresses associating with your AP. Read AP documentation. Or, if you have AD, use machine authentication as well.
Ivan Kalik Kalik Informatika ISP Dana 8/10/2007, "satish patel" <[EMAIL PROTECTED]> piše: >Dear all > > > I have installed EAP/TLS base authentication in my wirless > network i have some question about security issue i have installed > certificate on every laptop of wirless client machine now thing is that is > some one will installed that certificate on unknow client then how can i > privent them if one if my company user give his/her certificate so some one > or hacker then ??? > > is it possible i create certificate per user i genrate > ceruficate per username thats why no bodya can give his/her certificate to > untrusted party or anyother guys .....give me suggestion for this question > how to more secure my wirless NETWORK.. > > > > > >$ cat ~/satish/url.txt > >http://www.linuxbug.org >_____________________________________________________________________________________________________ > > >--------------------------------- > Unlimited freedom, unlimited storage. Get it now > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html