Re: WM5 PEAP with Certificates
- From: Tweezer <Tweezer@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 9 Jan 2007 07:22:00 -0800
I'd be happy to get EAP/TLS working even. Here's what I want. I want only
devices that have a certificate that has been issued by me to be able to
access the wireless network. I can run either WM5 or CE on the portable
device (bar code scanner). I prefer that the certificate is the only
authentication, but I'd be willing to settle for user/password in addition to
the cert. The important thing is that no access will be given without a cert
even if a correct user/password is known. I have Cisco WAPs and IAS running.
I can make this work on XP without issue. If anyone has actually made this
work, please help me out. I have a lab I can test with, but haven't been
able to make any combination work on the mobile device.
"Eric Hicks [MVP]" wrote:
If you don't want to use usernames/password then that's not PEAP that's.
EAP/TLS and you do need a user and root cert on the device. Some devices
come with a cert utility (ipaq 5555's, ppc 6700's and a few others). If you
don't want to go that route you will need to export the full cert, root and
all from your xp machine. Then you will need to use pfx import util from
( http://www.jacco2.dds.nl/networking/pfximprt.html ) to import those certs
into your device.
--
--
Eric Hicks [That_Kid] (MS-MVP Mobile Devices)
The MS-MVP Program - http://mvp.support. microsoft.com This posting is
provided "AS IS" with no warranties, and confers no rights...
"Tweezer" <Tweezer@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:65AA8145-5796-4A2E-87A5-1EE3297D4AAF@xxxxxxxxxxxxxxxx
I don't want to use username/password. I want to use Certs. I can do this
with XP easily. WM5 doesn't work though.
"mlai" wrote:
I think PEAP works on encrypting the authentication channel between the
mobile device and the server. The user logs on using his credentials
(username/password) and no certificate is needed. So in essence, the
cert
that you are importing to the device is only for encryption of
communication
between the device and the server (a root cert for the server cert) and
not
a user cert........
"Tweezer" <Tweezer@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F1F515C8-1151-435F-9F5B-60F8CC137273@xxxxxxxxxxxxxxxx
I downloaded a third party tool that allowed me to import pfx files. I
don't
see how this could work without having the user cert if that's what we
plan
to user for authentication. Please elaborate if possible.
Thanks
"Eric Hicks [MVP]" wrote:
Yes this is possible, for PEAP you only need the root certificate
installed
on your device. How are you installing the certificates to your
device?
--
--
Eric Hicks [That_Kid] (MS-MVP Mobile Devices)
The MS-MVP Program - http://mvp.support. microsoft.com This posting is
provided "AS IS" with no warranties, and confers no rights...
"Tweezer" <Tweezer@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CC65BA8A-F477-41E4-853B-497C05E65E1D@xxxxxxxxxxxxxxxx
Is this possible to get working? I have a WM5 device that I managed
to
install a personal and root certificate on, but it won't
authenticate
to
my
WLAN. I'm using IAS server for the auth. I have used the same cert
combo
on
an XP laptop and everything works fine. ANy advice would be
appreciated.
- Follow-Ups:
- Re: WM5 PEAP with Certificates
- From: Eric Hicks [MVP]
- Re: WM5 PEAP with Certificates
- Prev by Date: Re: Try to turn off the QoS Config and the Auto Channel selection of the Belkin AP IPAQ 5915
- Next by Date: Re: HTC TYTN (Hermes) WM5.0 - Wep or Wpa WiFi connection doesn't function
- Previous by thread: Re: WM5 PEAP with Certificates
- Next by thread: Re: WM5 PEAP with Certificates
- Index(es):
Relevant Pages
|
