so it is, you can only protect your AP client with the shared secret key.
Not necessarily. If the switch to which the WAP is connected supports
802.1x, it could act as a NAS and authenticate the WAP with EAP/TLS.
By WAP I take it you mean the wireless client, right? If so, this is
indeed the case - the client will be a Linux-based device with
wpa_supplicant and a driver which supports nl80211/cfg80211, so I can
configure - at least on the client's part - EAP-TTLS/EAP-TLS
authentication. My aim is to do the same on AP and RADIUS, which is the
point of actually starting this thread as my "experience" with RADIUS is
nil.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html