Multiple EAP-Types at WinXP clients
From: Eric J. (bt_hirosaito_at_gmx.de)
Date: 03/17/05
- Next message: Thomas K: "Re: Multiple EAP-Types at WinXP clients"
- Previous message: Manjunath Bharadwaj [MSFT]: "Re: Service-Type: Framed no matter what?"
- Next in thread: Thomas K: "Re: Multiple EAP-Types at WinXP clients"
- Reply: Thomas K: "Re: Multiple EAP-Types at WinXP clients"
- Messages sorted by: [ date ] [ thread ]
Date: 17 Mar 2005 03:39:48 -0800
hi,
we are using EAP-TLS and want to realise a fallback strategy if
something´s wrong with the client certificate.
Our idea is to set up a standard policy for the normal access with
dynamic vlan assignment for our intranet.
But if the PC is in the Active Directory and only has problems with
its certificate (expired for example) there should be a fallback
policy using PEAP which puts the PC into a special support-vlan.
Now my question:
At the IAS i can choose multiple authentication modes for the policy.
First using EAP-TLS and if that fails using PEAP.
How can i manage this on the client. That the client first tries to
authenticate via EAP-TLS and if that fails it tries to authenticate
via PEAP and gets access to the support-vlan where the certificate can
be renewed.
And if also PEAP authentication will fail we put the pc into a
guest-vlan or something.
Hope you understand what i mean. Its a bit tricky to explain it in
english :)
Greetz Eric
- Next message: Thomas K: "Re: Multiple EAP-Types at WinXP clients"
- Previous message: Manjunath Bharadwaj [MSFT]: "Re: Service-Type: Framed no matter what?"
- Next in thread: Thomas K: "Re: Multiple EAP-Types at WinXP clients"
- Reply: Thomas K: "Re: Multiple EAP-Types at WinXP clients"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
