eap-tls without active directory

Discussion in 'Wireless Networking' started by liolemaire@gmail.com, Nov 23, 2006.

  1. Guest

    hello,
    i have a client who provides wireless access to separate entities in
    the same building.
    Right now he's using LEAP and ACS database. Now he would like to move
    toward eap-tls because it's the most secured.

    Usually, I install eap-tls within a active directory and distribute
    machine certificate via global policy. Now the problem is that his
    laptops are not in a Active directory domain because they come from
    unrelated entities.

    My idea was to use a fictionnal active directory just for the database
    purpose, and download machine certificate manually via the web. (the
    client gets his hand on each laptop to configure LEAP)

    Does anybody have a bright idea to deploy certificates without active
    directory; I think that no matter what, we need a database and a CA.

    Thank your for your suggestions.
    , Nov 23, 2006
    #1
    1. Advertising

  2. In alt.internet.wireless wrote:
    >
    > Does anybody have a bright idea to deploy certificates without active
    > directory; I think that no matter what, we need a database and a CA.
    >


    A simple box with linux and freeradius.

    Peter

    --
    http://www.boosten.org

    Mail: peter at boosten dot org
    Peter Boosten, Nov 23, 2006
    #2
    1. Advertising

  3. nuzz Guest

    You could use Zeroshell available at http://www.zeroshell.net/eng/ which is
    a small linux distribution available as live cd or compact flash image for
    embedded devices. This Linux is easy to use because is web administrable. It
    includes a certification authority to distribute x509 certificate and radius
    server to authenticate wireless client using 802.1x (eap-tls, peap and
    eap-ttls). I am testing it and appears to be very stable and useful. The
    best feature I think is the captive portal for hotspots web login.
    bye

    <> wrote in message
    news:...
    > hello,
    > i have a client who provides wireless access to separate entities in
    > the same building.
    > Right now he's using LEAP and ACS database. Now he would like to move
    > toward eap-tls because it's the most secured.
    >
    > Usually, I install eap-tls within a active directory and distribute
    > machine certificate via global policy. Now the problem is that his
    > laptops are not in a Active directory domain because they come from
    > unrelated entities.
    >
    > My idea was to use a fictionnal active directory just for the database
    > purpose, and download machine certificate manually via the web. (the
    > client gets his hand on each laptop to configure LEAP)
    >
    > Does anybody have a bright idea to deploy certificates without active
    > directory; I think that no matter what, we need a database and a CA.
    >
    > Thank your for your suggestions.
    >
    nuzz, Nov 26, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Robert Irwin

    Does EAP-TLS *NEED* Windows 2003 server?

    Robert Irwin, Jul 7, 2004, in forum: Wireless Networking
    Replies:
    3
    Views:
    5,176
    Wayne Tilton
    Jul 12, 2004
  2. jr

    Problems with EAP-TLS with smart cards

    jr, Jul 26, 2004, in forum: Wireless Networking
    Replies:
    1
    Views:
    2,713
    drewbono
    Jun 23, 2006
  3. Al Blake

    EAP-TLS & Windows XP SP2 ?

    Al Blake, Sep 30, 2004, in forum: Wireless Networking
    Replies:
    3
    Views:
    10,326
    Al Blake
    Oct 4, 2004
  4. =?Utf-8?B?SmF5?=

    Type of Wireless Access Point needed with EAP-TLS

    =?Utf-8?B?SmF5?=, Mar 30, 2005, in forum: Wireless Networking
    Replies:
    2
    Views:
    714
    =?Utf-8?B?SmF5?=
    Apr 1, 2005
  5. erha
    Replies:
    0
    Views:
    1,094
Loading...

Share This Page