Wireless validating identity certificate problem

From a security standpoint the best option is setup a captive portal.

Students can use their BYOD devices to connect and reach the portal, pass their user authentication credentials to the portal and the portal can then talk to the RADIUS server.

We are perfectly willing to buy a certificate from Verisign, Thwarte, etc if it will help but have tried our Comodo wildcard SSL certificate which hasn't fixed it.

These machines belong to the end users so we can't easily control settings with group policy or registry hacks.

In order to enable the client to connect we have to add the network manually and un-check the "Validate server certificate" as shown in the screenshot below.

If you do go this route, make sure you document for CYA purposes.

This is a classic bring-your-own-device network, think university halls of residence.

The user will be logged in locally when they click connect.

The disadvantages of the first two options is that it opens your 802.1X scheme up to Mi TM attacks.

I could conceivably build my own RADIUS server and intercept your user's AD credentials.

Leave a Reply

  1. dating fairfield county 14-Oct-2017 07:50

    My ’95 DR350 wasn’t great when loaded down and riding any kind of distance.

  2. who is tarkan dating now 28-Sep-2017 15:29

    No matter whether you would like to have a chat with a person who can understand you or just make you laugh or a person who you can ask out for a date or two, you will be able to find a person who will meet your expectations.

  3. Sex texting robot 19-Jun-2017 23:59

    You want high quality images and movies showing women enjoying sexual climax, right?

  4. alice eve dating 21-Nov-2017 22:27

    He informs Ezekiel that Negan wanted him, Rick Grimes (Andrew Lincoln) and Maggie, the widow (Lauren Cohan), wired to the Sanctuary fence, but he says Ezekiel’s head on a pike will do just fine.