Re: ANSWER: Re: IAS and PEAP - IIS Required? - No but certificate is Required.

I didn't know that your IAS server doesn't have a certificate.

Please try this and tell me the result:

Run ias.msc and config PEAP:
ias.msc --> Remote Access Policies --> Right click the policies you care
about --> Properties --> Edit Profile --> Authentication--> Eap Methods -->
select PEAP, click "Edit", it will bring out a dialog box. In that dialog
box, you should see: Certificate issued to: .

You should see a cercivicate issued to your machine. If you don't see this,
PEAP (and EAP-TLS) won't work.

Let me know if you need more help. Thx.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm.

Please do not send e-mail directly to this alias.
This alias is for newsgroup purposes only.
====================================
"John" <john@xxxxxxxxxx> wrote in message
news:OPlR1z0gFHA.1948@xxxxxxxxxxxxxxxxxxxxxxx
> This may have been self evident but not to me :-]
>
> In order to run IAS with PEAP, the IAS server must have a certificate.
> This doesn't mean certificate in IIS/SSL but rather certificate via
> Certificate Manager MMC Plug-in which applies to most communications.
>
> I believe this MMC plugin is relatively new - Windows SP3 (?) and Win2k3.
> Or I'm just behind the times.
>
> Regards,
>
> John
> "John" <john@xxxxxxxxxx> wrote in message
> news:uyQFn7pgFHA.1252@xxxxxxxxxxxxxxxxxxxxxxx
>> Nope.
>> Wasn't even aware of the product.
>>
>> This is a 'basic' ias configuration.
>> Strangely enough, it works fine if the ias server has iis installed but
> not
>> running . . . .
>> Curious if with Windows 2K and worldwide web publishing service being
>> installed by default (vs 2k3) works.
>> I'm thinking there is a 'component' in ias which checks for the existence
>> (at least) of a registry setting and/or actual file . . .
>>
>> "Wei Zheng [MSFT]" <weizheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:uTCVIfmgFHA.2904@xxxxxxxxxxxxxxxxxxxxxxx
>> > Hi,
>> >
>> > Are you using Phone Book Service? Take a look at this article. PBS
>> requires
>> > IIS.
>> >
>>
> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/510a59b7-53cb-4dab-9157-a0e3f25c5197.mspx
>> >
>> > --
>> > This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>> > Use of included script samples are subject to the terms specified at
>> > http://www.microsoft.com/info/cpyright.htm.
>> >
>> > Please do not send e-mail directly to this alias.
>> > This alias is for newsgroup purposes only.
>> > ====================================
>> > "John" <john@xxxxxxxxxx> wrote in message
>> > news:uPPfzQcgFHA.3124@xxxxxxxxxxxxxxxxxxxxxxx
>> > >I guess my question is IIS required regardless if it's configured? It
>> > >seems
>> > > to be the case, but I'm wondering why?
>> > >
>> > > Environment - Windows 2k3 server (no IIS) and XP clients (latest
> service
>> > > packs)
>> > > IAS - radius client, shared secret, eap enabled with PEAP option.
>> > >
>> > > Working Environment
>> > > I have succesfully configured radius connection to work when ias host
>> has
>> > > iis installed/enabled with ssl cert (via iis).
>> > > I have succesfully configured radius connection to work when ias host
>> has
>> > > iis installed/enabled with NO ssl cert.
>> > > I have succesfully configured radius connection to work when ias host
>> has
>> > > iis installed, but not enabled with NO ssl cert.
>> > >
>> > > Non Working Environment
>> > > I have NOT succesfully configured radious connection to work when ias
>> host
>> > > DOES NOT have iis installed.
>> > >
>> > > I don't want to install IIS on the radius machine (it's a dc) unless
>> > > I
>> > > have
>> > > to.
>> > >
>> > > Regards,
>> > >
>> > > John
>> > >
>> > >
>> > >
>> > >
>> >
>> >
>>
>>
>
>


.

Relevant Pages

  • Re: Does WINDOWS 2003 IAS require Certificate services
    ... at any point install certificate services. ... I installed an IAS server ... and configured to use PEAP and authorized for active directory. ... > IAS server and password-based credentials from users. ...
    (microsoft.public.internet.radius)
  • Re: Requesting certificate from CA server : problem
    ... When trying to request a certificate from my IAS server, ... Is the IAS server a domain member server? ... the Cert Templates MMC snap-in, ... See the Help topic "Network access authentication and certificates" in ...
    (microsoft.public.internet.radius)
  • Re: 802.1x Authentication
    ... so I think IAS server do not have a certificate. ... If I can not use MD5 because w2k/xp supplicant do not support it neither ... what EAP type must I select when I check "Using 802.1x" on the ...
    (microsoft.public.internet.radius)
  • Re: 802.1x Authentication
    ... so I think IAS server do not have a certificate. ... If I can not use MD5 because w2k/xp supplicant do not support it neither ... what EAP type must I select when I check "Using 802.1x" on the ...
    (microsoft.public.internet.radius)
  • Re: AD required to use IAS?
    ... > to the network. ... Does the IAS server have to be in a domain or can I ... another company) whose root CA certificate is already in the Trusted Root ... IAS server must have a certificate that is issued by a CA that clients ...
    (microsoft.public.internet.radius)
Loading