Re: WPA with IAS and PEAP-EAP-TLS Auth. and CA on W2003 standard
From: Franz Schenk (franz.schenkNOSPAM_at_fititNO-_SPAM.ch)
Date: 10/30/04
- Previous message: Sam Salhi [MSFT]: "Re: W2k IAS Running. Won't Authenticate W2k3 domain."
- In reply to: Sam Salhi [MSFT]: "Re: WPA with IAS and PEAP-EAP-TLS Auth. and CA on W2003 standard"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 30 Oct 2004 16:24:57 +0200
Thanks for you help. It's important to me to know wich certification
templates to use with WPA and a CA running on Windows 2003 Server standard
edition.
One thing I don't unterstand is that you write that WPA doesn't work with
802.1x. According http://support.microsoft.com/?kbid=815485, 802.1x
authentication is required in WPA. And on the XP SP2 Wirless Client, 802.1x
is automatically selected and can not be changed when you chose WPA as
network authenication. Can you further explain your statement about WPA and
802.1x?
Thank you in advance!
Franz
"Sam Salhi [MSFT]" <samers@online.microsoft.com> schrieb im Newsbeitrag
news:eX0inTdvEHA.1292@TK2MSFTNGP10.phx.gbl...
> Yes it is possible
> RAS and IAS server authentication is also there in Standard, and you can
> use
> "Workstation Authentication" for clients. Otherwise you may use Computer
> Template for both. But be aware that Computer template will contain
> "Server
> Authentication" EKU.
>
> One thing that doesn't work in the scenario you mentioned below, that
> would
> be WPA with 802.1x
> WPA is not supported with 802.1x at the moment. Only WEP (which is not the
> normal WEP, it's dynamic with keys generated by the Server based PKI, so
> it's very secure)
>
>
> --
> =============================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> =============================================
>
> "Franz Schenk" <franz.schenkNOSPAM@fititNO-_SPAM.ch> wrote in message
> news:e07CkIavEHA.3908@TK2MSFTNGP12.phx.gbl...
>> We want to set up a Wirless Network with WPA, internal CA, IAS Radius
>> Server
>> and PEAP-EAP-TLS Authentication. We like to use computer authentication
>> because I suppose that with user authentication, the wireless connection
>> is
>> established after user authentication and for example GPO software
>> packages
>> that are assigned to computers will never apply to computers that connect
>> over the Wireless network.
>>
>> What does confuse me is that Microsoft only recommends and does require
>> using Windows Server 2003 Enterprise Edition for the CA, because the
>> certification templates "RAS and IAS Server Authentication" and "Wireless
>> Authentication" are not available in certification services of Windows
>> 2003
>> Server standard edition.
>>
>> Is it possible to implement the solution described above also with a CA
>> running on Windows 2003 Server standard edition, using the certification
>> templates included in Windows Server 2003 standard version?
>>
>> Thanks all in advance for any help!
>> Franz
>>
>>
>
>
- Previous message: Sam Salhi [MSFT]: "Re: W2k IAS Running. Won't Authenticate W2k3 domain."
- In reply to: Sam Salhi [MSFT]: "Re: WPA with IAS and PEAP-EAP-TLS Auth. and CA on W2003 standard"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
