Peap validating identity
Again client computer certificates are not required because EAP-PEAPv0 (EAP-MSCHAPv2) is password based.User certificate Issued to individuals by a public or private CA and typically distributed as a certificate that is embedded on a smart card.
Client Computer Certificate Issued to client computers by a public or private CA and used when the client computer needs to prove its identity to the RADIUS server.
Configured Cisco Enterprise wireless access point to use the freeradius server with shared secret and created a SSID with WPA2 Enterprise. Exported the CA root certificate and imported into 'Trusted Root CA store' on the Windows 10 Client.
- I also created a certificate from this CA for the pf Sense web interface using this root CA and tested that the Windows 10 client is successfully trusting the root CA certificate i.e.
See Mutual Authentication below for further information.
Server, Client Computer, User, and CA certificates are defined below.Existing pf Sense router - Added Free Radius3 package 2.