I'm experimenting with freeradius but I don't understand a number of concepts:
* Is certificate authenticating a must? Is there any way radius works without certificates (simple radius let's say)?
* There is PEAP+GTC, but this is supposedly a cisco-specific protocol and will give problems for windows (xp specifically) clients?
* If certificates are used, do I have to generate one for each device or will a "group approach" work (same cert for several devices)?
* Any special considerations for the setup when using Radius to authenticate vpn client?
Thanks and regards.
P.S. I know that certificates are an underpinning of Radius, but I will not be able to upload certificates to any new devices that will connect to the network, once I have it up and running. So a new user will be unable to access the network, unless there is an automatic way to install the certificates.
* Is certificate authenticating a must? Is there any way radius works without certificates (simple radius let's say)?
* There is PEAP+GTC, but this is supposedly a cisco-specific protocol and will give problems for windows (xp specifically) clients?
* If certificates are used, do I have to generate one for each device or will a "group approach" work (same cert for several devices)?
* Any special considerations for the setup when using Radius to authenticate vpn client?
Thanks and regards.
P.S. I know that certificates are an underpinning of Radius, but I will not be able to upload certificates to any new devices that will connect to the network, once I have it up and running. So a new user will be unable to access the network, unless there is an automatic way to install the certificates.