|
windows
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
eap-tls without active directoryi have a client who provides wireless access to separate entities in the same building. Right now he's using LEAP and ACS database. Now he would like to move toward eap-tls because it's the most secured. Usually, I install eap-tls within a active directory and distribute machine certificate via global policy. Now the problem is that his laptops are not in a Active directory domain because they come from unrelated entities. My idea was to use a fictionnal active directory just for the database purpose, and download machine certificate manually via the web. (the client gets his hand on each laptop to configure LEAP) Does anybody have a bright idea to deploy certificates without active directory; I think that no matter what, we need a database and a CA. Thank your for your suggestions. In alt.internet.wireless liolema***@gmail.com wrote:
> A simple box with linux and freeradius.> Does anybody have a bright idea to deploy certificates without active > directory; I think that no matter what, we need a database and a CA. > Peter You could use Zeroshell available at http://www.zeroshell.net/eng/ which is
a small linux distribution available as live cd or compact flash image for embedded devices. This Linux is easy to use because is web administrable. It includes a certification authority to distribute x509 certificate and radius server to authenticate wireless client using 802.1x (eap-tls, peap and eap-ttls). I am testing it and appears to be very stable and useful. The best feature I think is the captive portal for hotspots web login. bye <liolema***@gmail.com> wrote in message Show quoteHide quote news:1164297143.553814.265210@j72g2000cwa.googlegroups.com... > hello, > i have a client who provides wireless access to separate entities in > the same building. > Right now he's using LEAP and ACS database. Now he would like to move > toward eap-tls because it's the most secured. > > Usually, I install eap-tls within a active directory and distribute > machine certificate via global policy. Now the problem is that his > laptops are not in a Active directory domain because they come from > unrelated entities. > > My idea was to use a fictionnal active directory just for the database > purpose, and download machine certificate manually via the web. (the > client gets his hand on each laptop to configure LEAP) > > Does anybody have a bright idea to deploy certificates without active > directory; I think that no matter what, we need a database and a CA. > > Thank your for your suggestions. > 
Other interesting topics
Help to Set-up my Wireless Adapter
Enable/Disable Wireless icon missing from system tray Network yes, Internet no Network Compromised? Wireless Help Needed Wireless Radio problem Cannot connect to ONE SINGLE Web site / IP address Adapters with WPA support for Win98 SE? Belkin F5D7132 problems adapter not connected? |
|||||||||||||||||||||||
