(RADIATOR) Radiator on Mandrake Server...
mikem at open.com.au
Wed Jun 4 21:39:31 CDT 2003
On Thu, 5 Jun 2003 11:38 am, Andrea Brancatelli wrote:
> Hello Mike,
> Thursday, June 5, 2003, 3:06:30 AM, you wrote:
> >> OpenSSL is 0.9.7. Actually I "just" seem to lack that file.
> MM> That is strange.
> OK, I compiled Net_SSLeay from CPAN and everything works well now.
> Now, sorry, I have a very stupid question for you. I'm pretty new to
> Radius et all the staff involve, so sorry again for the stupid
> question. My idea, looking at Windows XP, is that, using PEAP instead
> of EAP/TLS, there's no need to give a certificate to the supplicant,
> but looking at goodies/eap_peap.cfg I see one must still create the
> certificates and such...
With both TLS and PEAP you must have a certificate for the Radius server, and
the client must also have a copy of the root certificate for the servers
The difference between TLS and PEAP is you dont need an individual certificate
for the _client_.
> What am I missing? :D
> What's the difference betwen EAP/TLS and PEAP then?
> Isn't there a way to have a Supplicant just log in without any hassle
> of the certificate???
With PEAP, you will have to install the root certificate corresponding to the
servers certificate on the supplicant.
If the radius server is configured to use the test certificates we supply, you
will ned to install root.der on each client. Just double-click on it to
import the certificate.
If the radius server is configured to use a public certificate from a public
certificate authority (verisgn etc), the root certificate is built in to XP.
Hope that helps.
> Saluti, Andrea Brancatelli
> http://andrea.brancatelli.it/ mailto:andrea at brancatelli.it
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator