No announcement yet.

NPS radius server for wireless user

  • Filter
  • Time
  • Show
Clear All
new posts

  • NPS radius server for wireless user

    Hey everyone,

    I'm trying to setup a wireless network so that wireless users can simply
    give a username and password to have internet access, they dont need to
    logon to the network. My question is, will I still need some kind of
    certificate for the radius server and access point (radius client)? I use
    a windows server 2008 running NPS server and a cisco router with built in
    wireless. I'd really like to avoid using a root CA and to not purchase a
    vendor certificate.

  • #2
    Re: NPS radius server for wireless user

    How secure do you want this all to be?
    Joined: 23rd December 2003
    Departed: 23rd December 2015


    • #3
      Re: NPS radius server for wireless user

      It all depends on which version of the EAP protocol you use (or can use, depending on the clients).

      For instance, EAP-MD5 does not require certificates, but security is basically rubbish (vulnerable to dictionary attacks). EAP-TLS is secure and well-supported, but requires server and client certificates. EAP-TTLS does not require a client certificate, and EAP-FAST and EAP-EKE does without certificates altogether, but they all require third-party software to be installed on Windows clients. Support on mobile devices varies.