Hello,
I'm having some troubles trying to configure my wired network to use 802.1X
with Radius server.
Here my problem: I'm using a Procurve 2650 as Radius Client, IAS as Radius
Server and Windows XP as supplicant.
If I configure CHAP authentication, selecting MD5-Challenge under
Authentication in the network configuration of Windows XP and CHAP
authentication under Authentication window of the Radius (IAS) policy, all
works fine and I can login correctly in my network (I can see the log into
the event viewer).
But when I choose to use PEAP, selecting it from the drop down list under
Authentication window of network configuration (in XP), and selecting the
same into the radius policy, I can't correctly login, and in the event viewer
I see this error:
Reason-Code = 66.
Reason = The user attempted to use an authentication method that is not
enabled on the matching remote access policy
This is a problem because only PEAP permit to automatically submit the login
credentials (or does somebody know how to do it with CHAP?), and because with
Windows Vista MD5 is totally unavailable because it's considered obsolete and
unsecure.
Probably I'm missing some step to enable that authentication method in the
GPO of my domain, or something similar.
Does somebody has a suggestion about this problem?
Re: IP address assignment problem ... I have a little problem and seek for ur thoughts, let's assume I'm in a very open environment where everyone can very easily try to get his/her laptop on the network and IP addresses are assigned by a DHCP server and we are in a domain environment, how do I prevent machines that are not part of our domain to be assigned an IP address? ... This approach doesn't stop your rogue clients from connecting to other clients, but merely doesn't give them the information they normally need to do so. ... Using 802.1x, your workstations authenticate through the switch to a radius server before they are allowed any connectivity. ... This authentication can use X.509 certificates, computer account credentials from AD, or whatever else you'd normally configure radius to authenticate with. ... (Focus-Microsoft)
Re: GP Logon Script Fails on Wireless XP Clients ... I forgot that this is a Windows XP only setting. ... You could try taking a network trace to see what's going on. ... > Slow network connection timeout for user profiles... >>What options do you have set on the Authentication Tab... (microsoft.public.win2000.group_policy)
Re: wireless network disconnects when using IEEE 802.1x authentica ... since it gets encrypted before it leaves the wireless NIC... For a home network or small ... >> Change that authentication key say every six months. ... >> RADIUS server to do that, and it works best if you've got an Active ... (microsoft.public.windowsxp.security_admin)
Re: PEAP user authentication failed - need help ... How to Setup Windows, Network, VPN & Remote Access on ... I set up a domain controller (Windows Server 2008), ... DHCP, NPS, AD certificate services and created ...authentication), it NEVER asks me to enter user credentials and there ... (microsoft.public.windows.server.networking)
