Re: WPA and Microsoft PKI considerations in a NT4 Domain environment
From: James McIllece [MS] (jamesmci_at_online.microsoft.com)
Date: 03/22/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: 2k VPN/RAS issues"
- Previous message: Herb Martin: "Re: 2000 log on script"
- In reply to: Paul Mras: "WPA and Microsoft PKI considerations in a NT4 Domain environment"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 22 Mar 2004 15:59:14 -0800
=?Utf-8?B?UGF1bCBNcmFz?= <paulmras@hotmail.com> wrote in
news:5BE59DB5-3078-455A-A8C0-5EDB47160307@microsoft.com:
> I'm looking for a white paper scenario that illustrates
> WPA/802.1x/EAP-TLS functionality in the following environment:
>
> Single NT4 Domain
> IAS running on a domain member Windows 2000 Server (standard edition)
> + SP4 Wireless A/P that supports 802.1x/EAP-TLS/WPA
> No PKI setup (yet)
> Wireless Clients running either Windows 2000 SP4 or Windows XP SP1
>
> Is it possible to implement a domain member Microsoft Windows Server
> 2003 (standard) standalone CA that would support the environment
> described above with EAP-TLS? In other words, can we setup a
> Microsoft PKI before we upgrade to a 2003 Active Directory Domain?
>
I checked with the Certificate Services PM on this and forwarded your
configuration, and he stated that you can implement your PKI before you
upgrade. The topic "Microsoft Solution for Securing Wireless LANs" will be
very helpful:
http://www.microsoft.com/downloads/details.aspx?FamilyId=CDB639B3-010B-
47E7-B234-A27CDA291DAD&displaylang=en
Keep in mind that how you configure your certificates in Certificate
Templates is a key issue that will determine your success. You can find
certificate requirements (both client and server requirements) in the WS03
Help topic "Network access authentication and certificates" (on the web at
http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/
proddocs/en-
us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/prodd
ocs/en-us/sag_VPN_und15.asp.)
Also, Windows Server 2003, Enterprise Edition, Certificate Services has a
"RAS and IAS Server" certificate template that makes configuration of your
certificates for IAS somewhat easier, although doing so is also possible in
Standard Edition.
-- James McIllece, Microsoft Please do not send email directly to this alias. This is my online account name for newsgroup participation only. This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: anonymous_at_discussions.microsoft.com: "Re: 2k VPN/RAS issues"
- Previous message: Herb Martin: "Re: 2000 log on script"
- In reply to: Paul Mras: "WPA and Microsoft PKI considerations in a NT4 Domain environment"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
