Hi All,
I am currently trying to set up a Cisco Aironet 1130AG access point with radius authentication.
Inside the radius I have created a RAS client for the access point and have specified a shared secret, I have restarted the radius server for the new RAS Client to be picked up.
There is a security group from AD defined in the radius for wireless users. I have also created a couple of native users as well.
In the configuration of the Cisco I have specified all of the radius server addresses and shared secrets as I am getting entries in the radius log files.
The bit that is now confusing me is the Windows XP side.
From what I have read, the client (XP) is only able to transmit EAP traffic until authenticated but this is the part I am struggling with.
I have been into the properties of the network connection and selected authentication and changed EAP type to Protected EAP. Under properties I have unchecked validate server certificate and the authentication method is currently set to EAP-MSCHAP v2.
I have clicked configure and made sure there is a tick in automatically use my Windows logon name and password (and domain if available)
All that I get when trying to connect with the above settings is a message saying validating identity.
Do I need a certificate on the server for EAP-MSCHAP v2 even though the users should be authenticated through Active Directory?
Thanks
|
Similar Threads
