Re: Wireless Group Policy: No field to enter the key for WPA-PSK

Tech-Archive recommends: Fix windows errors by optimizing your registry

I don't really know the answer other than I know Microsoft considers PSK
authentication best used for test purposes. 802.1X with PEAP would be a much
more secure solution though that is your call. --- Steve


"Denis Holtkamp" <DenisHoltkamp@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1C6CED0D-1E61-4138-8944-7EEA7A9B5140@xxxxxxxxxxxxxxxx
> But why you can choose WPA-PSK, when you can't enter the needed key? This
> makes no sense, because you can't configure WPA-PSK via Group Policy. I
> know,
> that WPA with 802.1x and PEAP isn't so difficult, but in my case it is not
> necessary.
> I think the implementation of WPA-PSK in Group Policies is simply buggy.
>
> Thanks for your answer,
>
> Denis Holtkamp
>
> "Steven L Umbach" wrote:
>
>> I don't believe there is any place to enter a PSK. You should however be
>> able to implement 801.1X using PEAP which requires that the client
>> computers
>> have the certificate of the IAS server you use that your WAP is a client
>> to.
>> It really is not that hard and any Windows Server can be a Certificate
>> Server even if you just need to issue a few certifcates and that would
>> also
>> improve security quite a bit. The link below is a great step by step on
>> setting up 802.1X. --- Steve
>>
>> http://www.microsoft.com/downloads/details.aspx?FamilyID=0f7fa9a2-e113-415b-b2a9-b6a3d64c48f5&DisplayLang=en
>> http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/ed80211.mspx
>>
>> "Denis Holtkamp" <DenisHoltkamp@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>> message
>> news:137F4730-4E7E-4B29-9140-268E6B18B773@xxxxxxxxxxxxxxxx
>> > Hi,
>> >
>> > im trying to set up a Group Policy (Windows Server 2003 SP1) to
>> > configure
>> > the Wireless LAN settings. If I choose the Network Authentication
>> > WPA-PSK
>> > there is no field where I can enter my Pre-Shared-Key (it doesn't
>> > matter
>> > which Data encryption option I select). The checkbox "The Key is
>> > provided
>> > automatically" is checked and greyed-out, so that I can't uncheck this
>> > option.
>> > Does somebody know, where I can enter the PSK, or is this a bug?
>> > I know that WPA-PSK is not intented to use for bigger environments, but
>> > for
>> > my scenario it's ok.
>> >
>> > Thanks in advance for your answers,
>> >
>> > Denis Holtkamp
>> >
>>
>>
>>


.

Relevant Pages

  • Re: problems with RADIUS and PEAP witha WG302 WAP and a Dell laptop
    ... When you go into the remote access policy profile, on the Authentication ... checkboxes, like MS-CHAP v2, you are not configuring PEAP -- you are ... To configure PEAP, click on the "EAP Methods" button. ... the server is going to use by clicking Edit. ...
    (microsoft.public.internet.radius)
  • RE: PEAP based 802.1x LAN authentication
    ... Authentication, EAP Methods. ... Do you have PEAP added here? ... edit and make sure the certificate that you want to use is selected. ... the server certificate is now stored in "Personal " ...
    (Focus-Microsoft)
  • Re: PEAP-TLS vs EAP-TLS
    ... there two versions of PEAP. ... PEAP uses TLS for server ... authentication and tunnels another authentication protocol inside the TLS ...
    (microsoft.public.windows.server.security)
  • Re: Access Points supporting PEAP
    ... This is from a document testing various AP's and authentication ... In their PEAP test, they are using "the access point Cisco Aironet 340 ... request to the ACS server, but the server then tries to log on to my ...
    (microsoft.public.internet.radius)
  • Re: PEAP Authentication Fails
    ... The server does say the authentication failed: ... If 1 doesn't work, at the client side, when you configure PEAP, see if ... If there is such a checkbox, ... uncheck "Validate server certificate". ...
    (microsoft.public.internet.radius)