Re: [WIRELESS-LAN] Verifying or Validating Server Certificate when using WPA/WPA2 and 8021x WLAN

2013-04-17 Thread Scott Stapleton
Assuming PEAPv0 is used, this is expected behavior when you're using a private PKI (Microsoft CA for example) as the client won't trust the private CA unless you've used a method to get the private PKI root certificate to the client. In enterprise environments you've got group policy to do thi

Re: [WIRELESS-LAN] Verifying or Validating Server Certificate when using WPA/WPA2 and 8021x WLAN

2013-04-17 Thread Tim Cappalli
Also consider ClearPass QuickConnect from Aruba Networks. Tim Cappalli, Network Engineer LTS | Brandeis University x67149 | (617) 701-7149 cappa...@brandeis.edu On Tue, Apr 16, 2013 at 2:40 PM, Williams, Mr. Michael <mmwilli...@tarleton.edu> wrote: > Thanks Lee. I am going to take a look

RE: [WIRELESS-LAN] Verifying or Validating Server Certificate when using WPA/WPA2 and 8021x WLAN

2013-04-17 Thread John McMillan
We use a public CA, but the default configuration for PEAP on Windows is to verify the certificate and not trust any CA. As part of our client configuration guide we have them scroll through the CA list and select it as trusted. Our Apple clients have to click through to accept the certificate.

RE: [WIRELESS-LAN] Verifying or Validating Server Certificate when using WPA/WPA2 and 8021x WLAN

2013-04-17 Thread Ian McDonald
Don't you use a .mobileconfig file? -- ian From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of John McMillan Sent: 17 April 2013 14:54 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Verifying or Validating Ser

RE: [WIRELESS-LAN] Verifying or Validating Server Certificate when using WPA/WPA2 and 8021x WLAN

2013-04-17 Thread John McMillan
I hadn’t heard of those, I’ll have to take a look. We’ve only recently had real demand for Apple on the secured network, it’s mostly been personal iPhones and iPads on the guest wireless, but that’s really changing. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELES

Radiator versus Freeradius

2013-04-17 Thread Turner, Ryan H
We are switching to EAP-TLS for wireless authentication, and have everything in place with the exception of a Certificate Revocation Checking process. We would prefer to use OCSP, but it appears that FreeRADIUS isn't supporting OCSP very well (it is either buggy or not feature-rich). Specifica

Re: [WIRELESS-LAN] Radiator versus Freeradius

2013-04-17 Thread Daniel Westacott
We here at Minnesota have been very happy with Radiator for wireless auth. We also use it for Cisco tacacs sort of functions. We are more of a mschap-v2 to the central LDAP (and eduroam), and don't do OCSP. /daniel/ daniel westacott On Wed, Apr 17, 2013 at 2:10 PM, Turner, Ryan H wrote: > W

Question about the Captive portal freeradius configuration

2013-04-17 Thread Linchuan Yang
Dear All, We are using FreeRADIUS connecting to AD for wireless authentication. However, for the captive portal configuration on FreeRADIUS, we are still using LDAP. Is it possible to change LDAP to AD for the captive portal configuration? If yes, could you please provide a sample code in /raddb

Re: [WIRELESS-LAN] Question about the Captive portal freeradius configuration

2013-04-17 Thread Zahid Mehmood
Hi, If both authentication methods are configured on the same instance of FreeRADIUS then you may have to just check and update the entry in the "users" file. You may need to do more if you are using different FreeRADIUS virtual servers for authentication. -- Zahid On Wed, Apr 17, 2013 at 4:2