Authenticating Non domain machines on a RADIUS wireless system using IAS.
I've got RADIUS authentication successfully working on our domain now, and it's been happily managing our wireless system for the last 3 months now. However, one of the things I've been unable to do is to get non-domain devices to authenticate to the wireless system using certificates or simelar, because quite honestly I have no idea how to get this to work!
At the moment our RADIUS system is using IAS on windows 2000 to provide it's authentication and the clients are set up to use WPA/TKIP and PEAP for authentication. It works flawlessly as it is, but obviously that type of authentication is no good if the devices aren't part of the domain.
Is there a guide anywhere that someone could point me to that will tell me to also use a certificate authentication using IAS so I can authenticate non-domain machines to allow me to add a few items to the wireless system that I need to? I've tried googling, but I can't find the right information, I'm assuming of course that this is possible, if it isn't then so be it, but I'm sure it is.
P.S I don't want to turn on user authentication on IAS as it would then allow kids with wi-fi enabled devices to connect to our system without us knowing. I want to find a way of using certificates if possible so we can control who has access.