Using Machine Certificates with 802.1x EAP

Status
Not open for further replies.

beridor

MIS
Aug 8, 2003
26
GB
I'm looking to use my machine certificate to log onto a wireless network using 802.1x EAP. I would then like to log onto the network and once again present my machine certificate as opposed to my user certificate - does anyone have any suggestions on how this can be achieved?

The idea is that if a user is on an allowed machine and can log onto that machine, they should be allowed onto the network, so the machine is authenticated and the user is not.

I suspect that this will be a change within Windows (the client is XP by the way) as opposed to a change within the authenticator or authentication server - any suggestions?

Cheers

Dave
 
hi,

do you want to use only the machine certificate?
Windows XP uses machine+user certificate by default.

with a reg key you can change it to use only the machine certificate.


mewi

 
Could you post the reg key please - I'd like it to use machine certificate only.

Cheers

Dave
 
ok,

here it is:

Enabling Computer-only Authentication Using the Registry
To configure computer-only authentication through the registry, all the Windows-based wireless clients must have the following registry value set:
HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global\AuthMode=2
With the AuthMode setting set to 2, only computer authentication is attempted. User authentication is never attempted.


from this source:

best regards,
mewi
 
yup - thanks very much for the response, solved my problems completely.

One thing to note (this may be implicit to a more experienced Windows Administrator) but the reg edit HKEY_LOCAL_MACHINE\software\microsoft\EAPOL\Parameters\General\Global\AuthMode=2 is a DWORD.

that was about the only thing that caused me any grief.

Thanks once again.

Dave
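
The setting discussed in this thread, as an added example that is not part of the original posts: a PowerShell check that the AuthMode value exists, is stored as a DWORD (the detail that caused trouble above) and equals 2, writing it with the right type if not. The key path, value name and value come from the thread; the function names are hypothetical, and it assumes an elevated PowerShell session on the client.

```powershell
# Added example, not from the thread. Path, value name and value are taken from the posts above.
$KeyPath   = 'HKLM:\Software\Microsoft\EAPOL\Parameters\General\Global'
$ValueName = 'AuthMode'
$Expected  = 2   # computer-only authentication, per the text quoted in the thread

function Test-EapolAuthMode {
    # Hypothetical helper: reports whether AuthMode exists, is a DWORD, and equals 2.
    $result = [pscustomobject]@{ Exists = $false; Kind = $null; Value = $null; Compliant = $false }
    $key = Get-Item -Path $KeyPath -ErrorAction SilentlyContinue
    if ($null -eq $key) { return $result }                       # key is missing
    if ($key.GetValueNames() -notcontains $ValueName) { return $result }
    $result.Exists = $true
    $result.Kind   = $key.GetValueKind($ValueName)               # String, DWord, QWord, ...
    $result.Value  = $key.GetValue($ValueName)
    # A string "2" is not enough: the value has to be a DWORD holding 2.
    $isDword = $result.Kind -eq [Microsoft.Win32.RegistryValueKind]::DWord
    $result.Compliant = $isDword -and ($result.Value -eq $Expected)
    return $result
}

function Set-EapolAuthMode {
    # Hypothetical helper: creates the key if needed and writes AuthMode as a DWORD.
    if (-not (Test-Path -Path $KeyPath)) {
        New-Item -Path $KeyPath -Force | Out-Null
    }
    # -Force replaces an existing value, including one created with the wrong type.
    New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord `
        -Value $Expected -Force | Out-Null
}

$state = Test-EapolAuthMode
if (-not $state.Compliant) {
    Set-EapolAuthMode
    $state = Test-EapolAuthMode
}
$state   # shows Exists, Kind, Value and Compliant after the check
```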
 