On 10/10/05, Michael Schwartzkopff <[EMAIL PROTECTED]> wrote:
Am Montag, 10. Oktober 2005 22:08 schrieb Adam KOSA:
> Hi All,
>
> this question may be off-topic, but the windows list i was asking could
> not help.
>
> i set up a 802.1x wired authentication in an ethernet network, with all
> of the following: eap-tls, eap-md5, eap-peap, with freeradius.
>
> everything is working great except one thing: 2k and xp is not able to
> cache the authentication info. with the certificate, the most i could
> achieve that when logging on, the auth is automatic. but no network
> until i log on.
>
> this is not a radius problem, since the radius and the authentication
> process is working great. the reason i'm writing is maybe some of you
> have solved this problem and could help me please. how am i supposed to
> configure the client to remember the password? I'm open to any
> solution, even to forget eap-* and use something less secure.
>
> thanks
> Adam
Forget M$. Windooze is not able to do authentication BEFORE logon. Only after
logon the possibilty to authenticate to the network exists. So much to the
logic of M$.
Use some 3rd party tool. I had good experience with Meetinghouse 801.1x
client.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan,
maybe this behaviour is "normal" because you want to use a "user" authentication (you should provide you username and you pwd). However, somewhere in the network card configuration there is a flag that looks like "use computer name to authenticate" that should be used when no username/pwd pairs are available.
I hope this could help you.
I'm trying to setup this environment (more or less) too, but I have found some problems in mschap module attempting to authenticate a wireless client using PEAP. Could you tell me something about the configuration you use?
Thanks,
Yuri
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html