10-16-04 02:25 AM
Unfortunately, there is no easy way out of this, but here's a little idea
that might make it a little bit better.
Enable PEAP on the server (with Secure Password (EAP-MSCHAPv2)) and do the
same on your clients; this will allow them to log in without a client
certificate. Once the connection is established, run the command GPUPDATE
/FORCE at the command prompt. This will allow your clients to renew/request
new certificates. Next, return to EAP-TLS on the server and clients.
HTH
PS: PEAP-EAP-MSCHAPv2 and EAP-TLS can coexist on the same server and Access
Points. No additional configuration is needed on the Access Points.
--
=============================================
This posting is provided "AS IS" with no warranties, and confers no
rights.
=============================================
"Owen" <schmierer2@shoalhaven.nsw.gov.au> wrote in message
news:4fab3de1.0408182214.1163a577@posting.google.com...
> Hi Guys.
>
> Well we have an 802.1x network here using EAP-TLS authentication. Last
> week all our certificates expired and somehow I renewed the
> certificate on the server and selected it to auto enrol out to all our
> clients. However, the notebooks we have have to be connected with a
> LAN cable to receive the new certificate and when they do we still
> have to go into the wireless settings and under the "Validate Server
> Certificate" bit we still have to check our CA.
>
> Is there an easy way around this? I had to kind of fudge my way
> through it so it's in a little bit of a mess.
>
> Many thanks for your help now and in the past.
>
> Regards,
> Owen.
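
Added example, not part of the original thread: a PowerShell check to run on a client while it is connected over PEAP-EAP-MSCHAPv2, which triggers the policy refresh from the reply above and confirms that a valid, trusted client-authentication certificate is present before the client is switched back to EAP-TLS. The store location, the timeout, the extra `certutil -pulse` call and the function names are assumptions of this example.

```powershell
# Added example, not from the original posts. Assumes the EAP-TLS client
# certificate is a computer certificate in LocalMachine\My (use
# Cert:\CurrentUser\My for user certificates). Run from an elevated prompt.
$store         = 'Cert:\LocalMachine\My'   # assumption
$clientAuthOid = '1.3.6.1.5.5.7.3.2'       # Client Authentication EKU
$timeoutSec    = 120                       # assumption: how long to wait

# Certificates with a private key and an explicit Client Authentication EKU.
function Get-ClientAuthCert {
    Get-ChildItem $store | Where-Object {
        $c   = $_
        $eku = $c.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
        }
        $c.HasPrivateKey -and $eku -and
            ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $clientAuthOid })
    }
}

# True when the certificate is inside its validity period and chains to a
# trusted root on this machine (revocation is not checked here).
function Test-CertUsable($cert) {
    $now = Get-Date
    if ($cert.NotBefore -gt $now -or $cert.NotAfter -lt $now) { return $false }
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = 'NoCheck'
    return $chain.Build($cert)
}

gpupdate /force | Out-Null     # the step from the reply above
certutil -pulse | Out-Null     # added here: triggers autoenrollment processing

# Autoenrollment is asynchronous, so poll until a usable certificate appears.
$deadline = (Get-Date).AddSeconds($timeoutSec)
do {
    Start-Sleep -Seconds 5
    $usable = @(Get-ClientAuthCert | Where-Object { Test-CertUsable $_ })
} until ($usable.Count -gt 0 -or (Get-Date) -gt $deadline)

if ($usable.Count -gt 0) {
    $usable | Format-Table Subject, NotAfter, Thumbprint -AutoSize
    'Usable client certificate present; client can return to EAP-TLS.'
} else {
    Write-Warning 'No valid, trusted client certificate yet; stay on PEAP.'
}
```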