Hi guys,

I have a few questions to ask around here and it concerns the security of a WPA2-Enterprise secured wireless network.
I have just baught myself a ZyAIR G2000 Plus wireless router and i have gone for this one because it has a inbuilt cutdown RADIUS server that supports 32 clients and im abit paranoied about my wireless networks in general.

Now from what i understand of WPA2 enterprise is that it consists of 2 parts Association and Authentication. so there are 3 things that are needed to be able to use the network they are a valid certificate, a username and a password.

I think if you forged the certificate you could still associate with the AP but without the username password you could not authenticate with RADIUS therefore not be able to access the network resources.

What i am asking is how secure it this setup i know the most secure way is not to have wireless and limit physical access to the network, but this is not a choice in my new flat as i wont be able to wire up the network points without getting a network engeneer contractor to do it and pay through the nose ( a term of my lease that any electrical/plumbing or communication works have to be contracted out).

Also with the certificates you haev 2 options the first is to goto a CA liek verisign and get one of theres and pay lots of money or the secong is to use the inbuilt CA and make your own self certifyed certificated. How easy would it be to spoof a self made certificate.

One final note I am NOT asking how to hack/crack WPA2-enterprise it just want to know if its possible and how easy it is and if its been done before. i know WEP and WPA-PSK has been done but the way it is done is a very Script kiddie approach and now anyone can do it.