Re: 802.1X help needed

Hi, Andy.

I'm the author of the documents you are using. Let me make sure I understand
your network configuration:

- - - - -
Cable Modem ->
LinkSys RTP300 (DHCP disabled) ->
D-Link DWL-900AP+ rev B
SBS2003 (1-NIC config)
Wired Desktop #1
Wired Desktop #2

Wireless Laptop
- - - - -

(This is essentially the "Sample 1-NIC" diagram in the Appendix.)

I have not used the DWL-900AP+ (any version) so I took a quick look at the rev
B User Manual posted on D-Link's web site. Frankly, there's nothing in the
manual which clearly states this WAP supports 802.1x. It may just be a poor
manual but that would be a _major_ omission if true. Have you found menus on
the WAP where you can specify RADIUS settings? There should be a dynamic rekey
interval setting as well.

As you probably know, this is an older device (the latest firmware dates to
2003) and, as you note, it only supports WEP. As my document says, WEP is
supported but it's not recommended nowadays because it's so easy to crack. The
DWL-900AP+ is also 802.11b and limited to 11Mbps transmission speed. (There
appears to be a proprietary 22Mbps setting, but I don't recommend using non-
standard settings with secure wireless.) IMO, you should seriously consider
replacing the DWL-900AP+ with a more capable device.

Having said that, if you want to continue diagnosing this using WEP you will
need to provide the specific GPO settings you used. (My docs recommend using
WPA and only provide those settings.) By the way, unlinking the GPO probably
did not have any effect since the settings and certificate had already been
pushed out to the laptop. You can check the settings by bringing up Network
Properties on the laptop and examining the wireless configuration.

I do recommend giving the WAP a static IP although a DHCP reservation should
work. (I have never done that, though.) Have you verified the WAP is actually
using the assigned IP? If not - AND if it really supports RADIUS - that's a
problem because Internet Authentication Service will be trying to communicate
with the WAP on the IP you specified.

If I am correct that the DWL-900AP+ does _not_ support 802.1x, you may actually
be using a pre-shared key version of WEP (static WEP). That would be REALLY
insecure.

-- Owen Williams [SBS MVP]

In article <1164393183.114974.324090@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>, ajj3085
@alum.rit.edu says...
Hi,

Using the documents found at this site:
http://home.comcast.net/~clearviewtc I am trying to setup 802.1X for my
wireless network.

First, the network. I have a Linksys RTP300 connected to my cable
modem. I have two wired desktops, running XPSP2 connected to it. I
also have my SBS 2003 connected through a hardwire to the linksys.

I have a DLink DWL-900AP+, revision B, which supports WEP and 802.1X
(supposedly), connected to the final open lan port on the Linksys.

I used the documents in the link above as a guide, pretty much
following each step (I don't have ISA 2004 setup). Following all the
steps, I got one wireless laptop (also XPSP2) connected (using a
DWL-G650). It worked great; saw the message stating it was
authenticating and everything.

Later, I booted up the laptop, and it wouldn't connect to my network
anymore. I tried to get it working, but wasn't sure what to do, so I
disabled the 802.1X on the and deleted the GPO Link in the Computers
node of the Group Policy Editor. I connected the laptop with a
hardwire, ran the gpupdate /force command, and was back on the
wireless.

I was trying again today, but can't get it working at all anymore. I
tried to relink the GPO and force refreshing the group policy, logging
off when it asked, and tried the connection again. No joy.

Any ideas where I'm going wrong? One thing I didn't do was set a
static IP address for the WAP, however I have it set to always get the
same IP address through the DHCP settings on the SBS 2003.
.

Relevant Pages

  • Re: Cannot find server or DNS Error
    ... Between the two locations a router and the router has also the ISP connection? ... Ethernet adapter Wireless Network Connection: ... To check your connection settings, click the Tools menu, and then ... Internet service provider. ...
    (microsoft.public.windows.server.dns)
  • Re: D-Link Modem Not Working With One Computer
    ... defaults to when it cannot connect with the dhcp server. ... You say the settings are the same on the working and not working ... Networks" in Network Connections, but what is strange is that my ISP told me ... Control Panel: Network Connections: Wireless Network Connection: General ...
    (microsoft.public.windowsxp.network_web)
  • Linksys Wireless Adapter
    ... First Off NEVER EVER CHANGE THE SETTINGS OF YOUR ... The thing is that Linksys ... If you did change the SSID name then, ... computer that can talk to the network, ...
    (microsoft.public.windowsxp.general)
  • Re: A story from the BlackIce mam
    ... > connected to my network using File and Printer Sharing. ... > any of the machines that had BlackIce. ... > connection, and it was in that state for several months. ... i think is to do with my BI settings) is when i share files through yahoo ...
    (comp.security.firewalls)
  • Re: BEFSX41 VPN
    ... > wondering about Linksys BEFSX41 as the router/vpn endpoint. ... > Home conntection will listen for connection from work 100% of the time. ... of the company network. ... My desktop computer will be NAT'd behind the Linksys. ...
    (comp.security.firewalls)
Loading