Click here to get back home

Certificates 802.1X Auth.
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Certificates 802.1X Auth. Carma Trepp 11-21-2005
Posted by Carma Trepp on November 21, 2005, 11:07 am
Please log in for more thread options
 Hi all

I would like to implement 802.1X authentication with user and machine
certificates in our WLAN Network. I have now found a deploymend guide
from microsoft.
http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/ed80211.mspx

I follow all the instructions, and can now authenticate with the user
certificate. But the machine certificates was not used in the
authentication Process. When I delete the machine certificate, the
client can still connect to the network.

How can I enforce the authentication with both user and machine certificate?

Posted by Steven L Umbach on November 21, 2005, 10:38 pm
Please log in for more thread options
 I have not done it in a bit and did not read the whole article in the link
you provided but I think the link below on how to deploy in a lab is
excellent. Off hand I would double check your Remote Access Policies to make
sure that computers are required to be in a group for authentication and
EAP-TLS is the only authentication method accepted as explained in the lab
exercise. You can also configure Group Policy [at least on a Windows 2003
domain controller] to make sure that "authenticate as computer when computer
information is available" is selected in the client wireless
onfiguration. --- Steve


http://www.microsoft.com/downloads/thankyou.aspx?familyId=0f7fa9a2-e113-415b-b2a9-b6a3d64c48f5&displayLang=en&oRef=http%3a%2f%2fwww.microsoft.com%2fwindowsserver2003%2ftechnologies%2fnetworking%2fwifi%2fdefault.mspx

> Hi all
>
> I would like to implement 802.1X authentication with user and machine
> certificates in our WLAN Network. I have now found a deploymend guide from
> microsoft.
> http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/ed80211.mspx
>
> I follow all the instructions, and can now authenticate with the user
> certificate. But the machine certificates was not used in the
> authentication Process. When I delete the machine certificate, the client
> can still connect to the network.
>
> How can I enforce the authentication with both user and machine
> certificate?



Posted by Carma Trepp on November 23, 2005, 1:48 am
Please log in for more thread options
Steven L Umbach wrote:
> I have not done it in a bit and did not read the whole article in the link
> you provided but I think the link below on how to deploy in a lab is
> excellent. Off hand I would double check your Remote Access Policies to make
> sure that computers are required to be in a group for authentication and
> EAP-TLS is the only authentication method accepted as explained in the lab
> exercise. You can also configure Group Policy [at least on a Windows 2003
> domain controller] to make sure that "authenticate as computer when computer
> information is available" is selected in the client wireless
> onfiguration. --- Steve
>
>
>
http://www.microsoft.com/downloads/thankyou.aspx?familyId=0f7fa9a2-e113-415b-b2a9-b6a3d64c48f5&displayLang=en&oRef=http%3a%2f%2fwww.microsoft.com%2fwindowsserver2003%2ftechnologies%2fnetworking%2fwifi%2fdefault.mspx
>

Hey thanks a lot! I check this document, looks very very interessting.

Carma

Similar ThreadsPosted
NTLM Auth (weird) January 23, 2008, 4:15 pm
telnet server auth without password, how ? September 13, 2005, 4:27 pm
INTERACTIVE group missing after SSPI auth October 28, 2005, 12:54 pm
INTERACTIVE group missing after SSPI auth November 2, 2005, 3:16 pm
802.1x host auth fails with WinXP supplicant June 26, 2006, 3:41 pm
IIS prompting for password but integrated auth is only method July 10, 2006, 2:40 pm
Certificates April 5, 2007, 5:38 pm
two CA certificates for IPSec or something... September 17, 2005, 3:58 pm
Certificates are not published October 17, 2005, 3:31 pm
Removing CA certificates. December 22, 2005, 3:50 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap