Joined: 04 Apr 2012
|Posted: Thu May 03, 2012 7:14 pm Post subject: Security Probleme with Certificat and EAP-TTLS
I use a Cisco AP configured with two SSIDs :
- An open SSID that is redirected to the captive portal of Zeroshell
- An SSID WPA2 with EAP authentication on the server that points to Raduis Zeroshell
The captive portal works perfectly
To authenticate users on the SSID WPA2 EAP. After exporting and installing the certificate provided by the DER Zeroshell on my Windows 7, I type my login and password and the connection and redirect to the correct VLAN works.
Just in case ... but I used an Ipad to connect to my SSID WPA2 authenticated by EAP, I type my login and password and the connection works when I have not installed the certificate on my Ipad, time normal connection should not have run.
To perform another test I took one other PC on Windows 7 I try to connect without installing the certificate in DER format and connection does not work but if wifi in the settings I uncheck the box "Validate server certificate "the connection works without a certificate.
Have you encountered the same problem? and how to rectify the security problem?