Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Wireless Networking > eap-tls without active directory

Reply
Thread Tools

eap-tls without active directory

 
 
liolemaire@gmail.com
Guest
Posts: n/a
 
      11-23-2006
hello,
i have a client who provides wireless access to separate entities in
the same building.
Right now he's using LEAP and ACS database. Now he would like to move
toward eap-tls because it's the most secured.

Usually, I install eap-tls within a active directory and distribute
machine certificate via global policy. Now the problem is that his
laptops are not in a Active directory domain because they come from
unrelated entities.

My idea was to use a fictionnal active directory just for the database
purpose, and download machine certificate manually via the web. (the
client gets his hand on each laptop to configure LEAP)

Does anybody have a bright idea to deploy certificates without active
directory; I think that no matter what, we need a database and a CA.

Thank your for your suggestions.

 
Reply With Quote
 
 
 
 
Peter Boosten
Guest
Posts: n/a
 
      11-23-2006
In alt.internet.wireless http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
>
> Does anybody have a bright idea to deploy certificates without active
> directory; I think that no matter what, we need a database and a CA.
>


A simple box with linux and freeradius.

Peter

--
http://www.boosten.org

Mail: peter at boosten dot org
 
Reply With Quote
 
 
 
 
nuzz
Guest
Posts: n/a
 
      11-26-2006
You could use Zeroshell available at http://www.zeroshell.net/eng/ which is
a small linux distribution available as live cd or compact flash image for
embedded devices. This Linux is easy to use because is web administrable. It
includes a certification authority to distribute x509 certificate and radius
server to authenticate wireless client using 802.1x (eap-tls, peap and
eap-ttls). I am testing it and appears to be very stable and useful. The
best feature I think is the captive portal for hotspots web login.
bye

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> hello,
> i have a client who provides wireless access to separate entities in
> the same building.
> Right now he's using LEAP and ACS database. Now he would like to move
> toward eap-tls because it's the most secured.
>
> Usually, I install eap-tls within a active directory and distribute
> machine certificate via global policy. Now the problem is that his
> laptops are not in a Active directory domain because they come from
> unrelated entities.
>
> My idea was to use a fictionnal active directory just for the database
> purpose, and download machine certificate manually via the web. (the
> client gets his hand on each laptop to configure LEAP)
>
> Does anybody have a bright idea to deploy certificates without active
> directory; I think that no matter what, we need a database and a CA.
>
> Thank your for your suggestions.
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
check if user belong to a domain against active directory without impersonation Caspy ASP .Net 3 08-04-2005 01:01 PM
Creating User Accounts with or without Active Directory J'son ASP .Net Security 5 04-26-2005 04:21 AM
Creating User Accounts with or without Active Directory J'son ASP .Net 5 04-26-2005 04:21 AM
Creating User Accounts with or without Active Directory J'son ASP .Net 0 04-22-2005 06:08 PM
Active Directory Search fails ("The directory service is unavailab ejcosta ASP .Net Security 2 10-08-2004 09:57 AM



Advertisments