Archived from groups: microsoft.public.windows.networking.wireless (More info?)
Hi,
I am using EAP-TLS, and I know that it requires 802.1x complient access
point.
I am using LinkSys WAP55AG access point wich supports 802.11a/b/g, and
surprisingly it is working with EAP-TLS.
Here is the config:
On AP:
RADIUS/TKIP enabled and RADIUS points to Microsoft IAS server.
IAS Server:
Configure to use Server Certificate and EAP-TLS protocol. Remote Access
Policies NAS-PORT 802.11 and other, Windows-Group as well.
CA Aothority:
Configure to auto distribute user certificated based on group membership.
Client side:
Set up a wireless profile using windows: Use WPA and TKIP. Under
Authentication tab: use Smartcard or other authenticaiton, and enable
Validate Server Certificate.
With This configuration, client will able to connect only if User
certificate, server certificate is validated on both ends(Server and Client).
It seems like that it is working eventhough that Access Point doesn't support
802.1x.
I am not sure if it is as secure as the one that supports 802.1x. Any
ideas why it is working and how secure is this?
Regards,
Jay
Hi,
I am using EAP-TLS, and I know that it requires 802.1x complient access
point.
I am using LinkSys WAP55AG access point wich supports 802.11a/b/g, and
surprisingly it is working with EAP-TLS.
Here is the config:
On AP:
RADIUS/TKIP enabled and RADIUS points to Microsoft IAS server.
IAS Server:
Configure to use Server Certificate and EAP-TLS protocol. Remote Access
Policies NAS-PORT 802.11 and other, Windows-Group as well.
CA Aothority:
Configure to auto distribute user certificated based on group membership.
Client side:
Set up a wireless profile using windows: Use WPA and TKIP. Under
Authentication tab: use Smartcard or other authenticaiton, and enable
Validate Server Certificate.
With This configuration, client will able to connect only if User
certificate, server certificate is validated on both ends(Server and Client).
It seems like that it is working eventhough that Access Point doesn't support
802.1x.
I am not sure if it is as secure as the one that supports 802.1x. Any
ideas why it is working and how secure is this?
Regards,
Jay