Re: The EAP Saga begins.
This is a discussion on Re: The EAP Saga begins. within the FreeRADIUS Users forums, part of the Networking and Network Related category; Evan Vittitow wrote: > Alan DeKok wrote: >> Evan Vittitow wrote: >> >>> I think a ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-23-2007
|
|||
|
|||
Re: The EAP Saga begins.
Evan Vittitow wrote:
> Alan DeKok wrote: >> Evan Vittitow wrote: >> >>> I think a large part of my problem is the creation of a Certificate >>> authority. >>> >> Why? See the various 802.1x howto's (pointed to from freeradius.org & >> the wiki) for how to create certificates for the server. >> >> >>> Its very possible, that said Certificate authority for Radius could >>> hypothetically be used layer for IPSec. This being the case, what would >>> the best strategy be for implementing a PKI CA. Should I make one Cert >>> for every host? One server host and one client Cert for all hosts? >>> Different CAs for different Services? How will Mandriva's architecture >>> change affect this? >>> >> You want one certificate for the RADIUS server. For most RADIUS >> situations, this is enough. And that certificate shouldn't be used for >> anything else. >> >> > What do I give the xsupplicant clients? A username and password, and optionally the CA cert so they can "trust" the radius server cert. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 08:22 AM.
