Clients having problems connecting.

From: weersl@xxxxxxxxxxx
Date: 1 Feb 2007 09:30:37 -0800

I'd appreciate any help I can get on my problems.

Environment:
I've setup a secure SSID that is using WPA-TKIP/WPA2-AES encryption.
The EAP type is PEAP and MS-CAHP-V2. The wireless hardware is a mix
of Aruba, and HP Procurve (thin). The SSID name is the same on both
vendors. IAS is the Radius server (Windows 2003 R2 Enterprise) with
the Versign wireless LAN certificate. Laptops are XP SP2 all fully
patched through Nov 06 or newer.

The problems I am having are as follows:

1. A laptop that belongs to our domain, but the user has never logged
into it before (so no cached creditentials exist) it errors with the
Domain is not available. If cached creditentials do exist then they
get logged in.

2. When the user gets logged in the login scripts may or may not run
so drive may or may not be mapped.

3. Users who connect to the encrypted SSID take it home and connect
to the wireless network at home, but then they don't get connected
again when they come back. The logs show that it is using the
domainname\computername rather than domainname\username, hence access
denied. It doesn't seem to matter if the Authenticate as computer is
checked or unchecked. This even happens with an iBook user couldn't
get connected to our network again.

This is reproducable on Dell D510's, IBM Tablets, and other older
laptops. It doesn't make a difference if the WPA2 patch (KB893357) is
installed or not.

Some other things I have tried are:

1. I set the gpo setting of "Always wait for the network at computer
startup or logon" to enable. It is found under Computer Configuration
\Administrative Templates\System\Logon

2. I downloaded and installed http://www.enterasys.com/support/Tools2/XTweakSetup.exe
to set the hiddent registry settings. I have either not found the
right combination, or there is something else going on.

What I would like to see happen is the same behavior whether it is a
wire connection to the network or using the wireless connection. That
was my interpretation as to the advantage of 802.1x. We do not
currently use 802.1x on the wired network.

.

Prev by Date: Re: Wired 802.1x with IAS & HP 2650 switches = error 16
Next by Date: RE: Configure Auth (802.1X) settings for Win2000 Clients
Previous by thread: Re: Wired 802.1x with IAS & HP 2650 switches = error 16
Next by thread: RE: Configure Auth (802.1X) settings for Win2000 Clients
Index(es):
- Date
- Thread

Relevant Pages

RE: Multiple Connection Attempts to Home Wireless Network
... make connection attempts to any available wireless, ... Subject: Re: Multiple Connection Attempts to Home Wireless Network ... >Planning, Computer Emergency Response Teams, and Digital Investigations. ...
(Security-Basics)
Re: Linksys WRT54G acts like a dumb hub, no DHCP or wireless capabilities
... laptop and the PC would lose connection with the router. ... Well, the results are the same: I can connect to the wireless network, ... but after about 10 minutes I will lose connection with the router. ...
(alt.internet.wireless)
Re: Lan Wifi Network
... >knowledge of computer network... ... a wireless user has gone away. ... client software to do the job. ... connection which can be timed. ...
(alt.internet.wireless)
Re: Wireless network, Bluetooth, and Home Networking
... notebook PC, together with a wireless network between the same ... connection to the PC, or loose the network connection PC to ... Your easiest bet is to purchase a wireless router - ...
(microsoft.public.windowsxp.help_and_support)
Re: Activesync Kills Wireless
... Acer TravelMate 8104WLMi with Intel PRO/Wireless 2915ABG Network Adapter, ... NetGear RangeMax WMN802 Wireless Access Point ... I do have to repair the network connection as ... could install this driver. ...
(microsoft.public.pocketpc.activesync)