Validating identity on wireless
Students can use their BYOD devices to connect and reach the portal, pass their user authentication credentials to the portal and the portal can then talk to the RADIUS server.
Eduroam is another popular choice for educational organizations.
If you do go this route, make sure you document for CYA purposes.
From a security standpoint the best option is setup a captive portal.
next year) I plan to offer to install the server certificate directly from the captive portal, so that users (mostly Windows users) won't have an issue logging into the secure network.
Fw-300 #ya-qn-sort h2 /* Breadcrumb */ #ya-question-breadcrumb #ya-question-breadcrumb i #ya-question-breadcrumb a #bc .ya-q-full-text, .ya-q-text #ya-question-detail h1 html[lang="zh-Hant-TW"] .ya-q-full-text, html[lang="zh-Hant-TW"] .ya-q-text, html[lang="zh-Hant-HK"] .ya-q-full-text, html[lang="zh-Hant-HK"] .ya-q-text html[lang="zh-Hant-TW"] #ya-question-detail h1, html[lang="zh-Hant-HK"] #ya-question-detail h1 #Stencil .
This is from the Free RADIUS documentation but I expect it is equal valid for the Microsoft implementation: In general, you should use self-signed certificates for 802.1x (EAP) authentication.Then my Windows 10 laptop could not connect (both have connected before).