Radius Server - 802.1x Computer validation

This is Interesting: Free IT Magazines  
Home > Archive > Radius Server > January 2005 > 802.1x Computer validation





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author 802.1x Computer validation
Sander

2004-12-29, 10:35 am

Hi All,

We're using XP SP1 clients on HP procurve switches to authenticate on IAS (through EAP) for network access.

Were using Computer Authentication to make sure unauthorised clients cannot access the network, and to make sure the (domain)clients are accessible for support before the user authenticates.

Is there a way to assure that after a cable reconnect, or a revalidation of the credentials, again the computer credentials are used? So far we can't get this to work without using user-authentication in addition to computer authentication.

Thanx,
Sander.
Thomas K

2004-12-31, 7:47 am

Xref: TK2MSFTNGP08.phx.gbl microsoft.public.internet.radius:9902

Hey Sander,

Propagate those 2 dword keys to those computers
HKLM\Software\Microsoft\EAPOL\Parameters
\General\Global\SupplicantMode=dword:3
HKLM\Software\Microsoft\EAPOL\Parameters
\General\Global\AuthMode=dword:2

Cheers,

- T -

"Sander" <Sander.1i1v12@mail.webservertalk.com> wrote in message
news:Sander.1i1v12@mail.webservertalk.com...
>
> Hi All,
>
> We're using XP SP1 clients on HP procurve switches to authenticate on
> IAS (through EAP) for network access.
>
> Were using Computer Authentication to make sure unauthorised clients
> cannot access the network, and to make sure the (domain)clients are
> accessible for support before the user authenticates.
>
> Is there a way to assure that after a cable reconnect, or a
> revalidation of the credentials, again the computer credentials are
> used? So far we can't get this to work without using
> user-authentication in addition to computer authentication.
>
> Thanx,
> Sander.
>
>
>
> --
> Sander
> ------------------------------------------------------------------------
> Posted via http://www.webservertalk.com
> ------------------------------------------------------------------------
> View this thread: http://www.webservertalk.com/message855620.html
>


Mimmus

2005-01-10, 5:56 pm

I can confirm that Thomas suggestion works.

Mimmus


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com