Click here to get back home

Implementing 802.1X in a LAN enviorment
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Implementing 802.1X in a LAN enviorment Amihai Bareket 01-31-2006
Posted by Amihai Bareket on January 31, 2006, 4:44 am
Please log in for more thread options
 I'm looking for articles/white papers that explain how to design and
implement 802.1x in a LAN environment.
The clients are Windows XP Pro SP2 or Windows Server 2003 (SP0 & SP1).
The goal is to implement IAS as the radius and use X.509v3 Certificates for
authentication.

Found some articles about Wireless implementation but I need info about LAN.
Also if there's any info on how to configure clients for 802.1x using GPO
(There's settings for wireless but not for LAN).

Can anyone direct me to such information?

I found that the wireless policy is using the user certificate and I would
like to use the computer certificate for authentication. Is it possible?

Thanks,
Amihai Bareket



Posted by S. Pidgorny on January 31, 2006, 6:00 am
Please log in for more thread options
 See

http://www.microsoft.com/technet/community/columns/secmgmt/sm0805.mspx

Not secure. And no, you cannot apply security settings to the clients using
GPO or a script - GUI only.

Consider alternatives.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

> I'm looking for articles/white papers that explain how to design and
> implement 802.1x in a LAN environment.
> The clients are Windows XP Pro SP2 or Windows Server 2003 (SP0 & SP1).
> The goal is to implement IAS as the radius and use X.509v3 Certificates
> for authentication.
>
> Found some articles about Wireless implementation but I need info about
> LAN.
> Also if there's any info on how to configure clients for 802.1x using GPO
> (There's settings for wireless but not for LAN).
>
> Can anyone direct me to such information?
>
> I found that the wireless policy is using the user certificate and I would
> like to use the computer certificate for authentication. Is it possible?
>
> Thanks,
> Amihai Bareket
>



Posted by Amihai Bareket on January 31, 2006, 7:29 am
Please log in for more thread options
Which Alternatives apart from IPSEC?


> See
>
> http://www.microsoft.com/technet/community/columns/secmgmt/sm0805.mspx
>
> Not secure. And no, you cannot apply security settings to the clients
> using GPO or a script - GUI only.
>
> Consider alternatives.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
>> I'm looking for articles/white papers that explain how to design and
>> implement 802.1x in a LAN environment.
>> The clients are Windows XP Pro SP2 or Windows Server 2003 (SP0 & SP1).
>> The goal is to implement IAS as the radius and use X.509v3 Certificates
>> for authentication.
>>
>> Found some articles about Wireless implementation but I need info about
>> LAN.
>> Also if there's any info on how to configure clients for 802.1x using GPO
>> (There's settings for wireless but not for LAN).
>>
>> Can anyone direct me to such information?
>>
>> I found that the wireless policy is using the user certificate and I
>> would like to use the computer certificate for authentication. Is it
>> possible?
>>
>> Thanks,
>> Amihai Bareket
>>
>
>



Posted by S. Pidgorny on February 1, 2006, 4:56 am
Please log in for more thread options
Go completely wireless. Still, that's the last foot security.

Or go IPv6.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-


> Which Alternatives apart from IPSEC?
>
>
>> See
>>
>> http://www.microsoft.com/technet/community/columns/secmgmt/sm0805.mspx
>>
>> Not secure. And no, you cannot apply security settings to the clients
>> using GPO or a script - GUI only.
>>
>> Consider alternatives.
>>
>> --
>> Svyatoslav Pidgorny, MS MVP - Security, MCSE
>> -= F1 is the key =-
>>
>>> I'm looking for articles/white papers that explain how to design and
>>> implement 802.1x in a LAN environment.
>>> The clients are Windows XP Pro SP2 or Windows Server 2003 (SP0 & SP1).
>>> The goal is to implement IAS as the radius and use X.509v3 Certificates
>>> for authentication.
>>>
>>> Found some articles about Wireless implementation but I need info about
>>> LAN.
>>> Also if there's any info on how to configure clients for 802.1x using
>>> GPO (There's settings for wireless but not for LAN).
>>>
>>> Can anyone direct me to such information?
>>>
>>> I found that the wireless policy is using the user certificate and I
>>> would like to use the computer certificate for authentication. Is it
>>> possible?
>>>
>>> Thanks,
>>> Amihai Bareket
>>>
>>
>>
>
>



Posted by Keith Pawson on January 31, 2006, 6:40 am
Please log in for more thread options
Hi Amihai

This white paper should help you:

IEEE 802.1X for Wired Networks and Internet Protocol Security with Microsoft
Windows
http://www.microsoft.com/downloads/details.aspx?FamilyID=d9aef757-f528-41be-a01f-99a60c9a855d&displaylang=en

--
Cheers
Keith


> I'm looking for articles/white papers that explain how to design and
> implement 802.1x in a LAN environment.
> The clients are Windows XP Pro SP2 or Windows Server 2003 (SP0 & SP1).
> The goal is to implement IAS as the radius and use X.509v3 Certificates
> for authentication.
>
> Found some articles about Wireless implementation but I need info about
> LAN.
> Also if there's any info on how to configure clients for 802.1x using GPO
> (There's settings for wireless but not for LAN).
>
> Can anyone direct me to such information?
>
> I found that the wireless policy is using the user certificate and I would
> like to use the computer certificate for authentication. Is it possible?
>
> Thanks,
> Amihai Bareket
>



Similar ThreadsPosted
GPO not implementing rename of Administrator Account April 27, 2006, 5:19 am
Implementing PKI infrastructure in multiple forrests January 14, 2008, 2:47 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap