Authenticate a machine to radius?

From: Harold (reply_at_togroup.com)
Date: 03/07/05 

Date: Mon, 7 Mar 2005 11:32:38 -0600

I have setup PEAP for my wireless users and works well. Now, I have to
setup a multihomed computer in a confernce room. This machine will be wired
to Novell for one group of people, and use wireless to access Microsoft AD
for another group of people.

I cannot get the USB network adapter to connect to the domain because the
USB device/computer/radius is not setup correctly. I think I want the
computer to authenticate to the domain in order to allow any AD user to
login just as in the wired world. I am thinking that I need a machine cert
instead of a user cert. How do I create a machine/computer cert? When I
goto http://domain/certsrv I am only given the option to create a user
certificate.

I get this in event log.

Event Type: Warning
Event Source: IAS
Event Category: None
Event ID: 2
Date: 3/7/2005
Time: 8:45:32 AM
User: N/A
Computer: YA01-AD
Description:
User host/fwy4d01.yacorp.com was denied access.
 Fully-Qualified-User-Name = yacorp.com/Computers/FWY4D01
 NAS-IP-Address = 10.22.3.3
 NAS-Identifier = ya-ap
 Called-Station-Identifier = 0012.44b0.7690
 Calling-Station-Identifier = 0090.4b8a.d133
 Client-Friendly-Name = cisco-ap
 Client-IP-Address = 10.22.3.3
 NAS-Port-Type = Wireless - IEEE 802.11
 NAS-Port = 113327
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows
 Authentication-Server = <undetermined>
 Policy-Name = Wireless
 Authentication-Type = PEAP
 EAP-Type = <undetermined>
 Reason-Code = 262
 Reason = The supplied message is incomplete. The signature was not
verified.

Thanks so much,
HB

Relevant Pages

  • Re: 3 PC SOHO Network setup problem
    ... As I say below, my setup should ... >>so security on the wireless side is not a major concern. ... no PC has an internet connection other than through the router. ... > only by the Guest account, which means this computer will be open to anyone. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Wireless EAP Problem
    ... We setup Enterprise WPA2 with IAS as authentication. ... Any domain users just logon their domain user IDs without configuring computer certificate. ... Since sensitive patient info is sent over the wireless network it is essential that the communications be highly secure. ... I can easily change to PEAP in the remote access policy for IAS. ...
    (microsoft.public.windows.server.networking)
  • Re: OT- slightly-signal jamming
    ... | I need to pick the brain of the collective genius ... The terms 'band' and 'music' are used only | for clarity, not because they represent accurate description. ... I'm pretty sure they are using | wireless setups. ... setup, what keeps them from going to a wired setup? ...
    (rec.crafts.metalworking)
  • Re: Need Encryption Set-up Advice
    ... it's quite easy to setup. ... which takes care of the wireless setup if you have a compatible ... your unspecified model Linksys router. ... If you do elect to have the Geek Squad guy do the installation, ...
    (alt.internet.wireless)
  • Re: IAS and Wireless
    ... Microsoft EAP (the other main implementation is Cisco ... >the wireless network, but not allow the device itself to ... domain to authenticate ...
    (microsoft.public.windows.server.sbs)