Sign in with
Sign up | Sign in
Your question

Type of Wireless Access Point needed with EAP-TLS

Last response: in Wireless Networking
Share
March 30, 2005 1:33:04 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Hi,

I am deploying EAP-TLS. I would like to know what type if access point is
needed for EAP-TLS?

Any help is appriciated.

Regards,
Jay
Anonymous
a b F Wireless
March 31, 2005 6:13:45 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Hi Jay,
You need an Access Point that supports 802.1x.
Thanks

> I am deploying EAP-TLS. I would like to know what type if access point is
> needed for EAP-TLS?
>
> Any help is appriciated.
>
> Regards,
> Jay
April 1, 2005 1:01:04 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Hi Udit,

Thanks for the reply.

I am using LinkSys WAP55AG access point wich supports 802.11a/b/g, and
surprisingly it is working with EAP-TLS.

Here is the config:

On AP:
RADIUS/TKIP enabled and RADIUS points to Microsoft IAS server.
IAS Server:
Configure to use Server Certificate and EAP-TLS protocol. Remote Access
Policies NAS-PORT 802.11 and other, Windows-Group as well.
CA Aothority:
Configure to auto distribute user certificated based on group membership.
Client side:
Set up a wireless profile using windows: Use WPA and TKIP. Under
Authentication tab: use Smartcard or other authenticaiton, and enable
Validate Server Certificate.

With This configuration, client will only albe to connect if User
certificate, server certificate is validated on both ends(Server and Client).
It seems like that it is working eventhough that Access Point doesn't support
802.1x. I am not sure if it is as secure as the one that supports 802.1x. Any
ideas why it is working and how secure is this?

Regards,
Jay

"Udit Saxena [MSFT]" wrote:

> Hi Jay,
> You need an Access Point that supports 802.1x.
> Thanks
>
> > I am deploying EAP-TLS. I would like to know what type if access point is
> > needed for EAP-TLS?
> >
> > Any help is appriciated.
> >
> > Regards,
> > Jay
>
>
>
!