On Mon, Nov 17, 2008 at 05:49:01PM -0700, Schneider, Craig-p98692 wrote: > Is a CA needed, like in the 802.1X example? For EAP-PEAP to be secure, yes, you do need to configure the trusted CA on the client. From testing view point, this is not strictly speaking required and should not change the end result of the test. -- Jouni Malinen PGP id EFC895FA