Wired 802.1x

Discussion in 'Wireless Networking' started by =?Utf-8?B?TGVl?=, Mar 3, 2005.

  1. Greetings.

    I have been researching this for some time and have not come up with a
    solution.
    Basically, I would like to configure the interface Authentication settings
    across all clients to use PEAP, along with some other related adjustments.

    After downloading and installing Windows 2003 SP1, it appears that Microsoft
    has really missed the boat on this. WHY would they include new GPO-based
    features for wireless but not wired interfaces???

    Does anyone know of a tool/script that configures Authentication settings of
    an interface?

    Thanks

    - Lee
    =?Utf-8?B?TGVl?=, Mar 3, 2005
    #1
    1. Advertising

  2. =?Utf-8?B?TGVl?=

    S. Pidgorny Guest

    Yes, Microsoft screwed this up. You cannot configure wired 802.1x properties
    with group policy, or script, or any tool. Only manually, using GUI.

    We should stay tuned for the OS feature packs, I guess.

    --
    Svyatoslav Pidgorny, MVP, MCSE
    -= F1 is the key =-

    "Lee" <> wrote in message
    news:...
    > Greetings.
    >
    > I have been researching this for some time and have not come up with a
    > solution.
    > Basically, I would like to configure the interface Authentication settings
    > across all clients to use PEAP, along with some other related adjustments.
    >
    > After downloading and installing Windows 2003 SP1, it appears that

    Microsoft
    > has really missed the boat on this. WHY would they include new GPO-based
    > features for wireless but not wired interfaces???
    >
    > Does anyone know of a tool/script that configures Authentication settings

    of
    > an interface?
    >
    > Thanks
    >
    > - Lee
    S. Pidgorny, Mar 4, 2005
    #2
    1. Advertising

  3. We didn't miss the boat...

    802.1x is not the answer here: IPsec transport mode is. IPsec works fine
    *with* 802.1x, but 802.1x will not provide end to end protection of
    anything.

    IPsec will provide authentication, nonrepudiation, and confidentiality.

    When you look at the majority of threats that these 2 technologies are
    designed to protect an enterprise from, IPsec is the hands-down winner.



    "Lee" <> wrote in message
    news:...
    > Greetings.
    >
    > I have been researching this for some time and have not come up with a
    > solution.
    > Basically, I would like to configure the interface Authentication settings
    > across all clients to use PEAP, along with some other related adjustments.
    >
    > After downloading and installing Windows 2003 SP1, it appears that
    > Microsoft
    > has really missed the boat on this. WHY would they include new GPO-based
    > features for wireless but not wired interfaces???
    >
    > Does anyone know of a tool/script that configures Authentication settings
    > of
    > an interface?
    >
    > Thanks
    >
    > - Lee
    Steve Clark [MSFT], Mar 4, 2005
    #3
  4. =?Utf-8?B?TGVl?=

    Pete Guest

    "Steve Clark [MSFT]" <> wrote in message
    news:...
    > We didn't miss the boat...
    >
    > 802.1x is not the answer here: IPsec transport mode is. IPsec works fine
    > *with* 802.1x, but 802.1x will not provide end to end protection of
    > anything.
    >
    > IPsec will provide authentication, nonrepudiation, and confidentiality.
    >
    > When you look at the majority of threats that these 2 technologies are
    > designed to protect an enterprise from, IPsec is the hands-down winner.
    >




    There you go.
    So much for the customer is always right.


    --
    Pete
    "Any color you want as long as it's black."


    >
    > "Lee" <> wrote in message
    > news:...
    > > Greetings.
    > >
    > > I have been researching this for some time and have not come up with a
    > > solution.
    > > Basically, I would like to configure the interface Authentication

    settings
    > > across all clients to use PEAP, along with some other related

    adjustments.
    > >
    > > After downloading and installing Windows 2003 SP1, it appears that
    > > Microsoft
    > > has really missed the boat on this. WHY would they include new

    GPO-based
    > > features for wireless but not wired interfaces???
    > >
    > > Does anyone know of a tool/script that configures Authentication

    settings
    > > of
    > > an interface?
    > >
    > > Thanks
    > >
    > > - Lee

    >
    >
    Pete, Mar 4, 2005
    #4
  5. Do you understand the fundamental differences between these two
    technologies?

    I'm not being argumentative, I'm trying to determine how best to demonstrate
    where we counter threats....

    Do you realize 802.1x has a fundamental problem with the way it
    authenticates? When it was created years ago, it was all about wired
    security. It was ported to wireless because it filled a particular gap that
    exists. Now some are using it in a "wired" scenario.

    What I'm saying is that IPsec is far more powerful than 802.1x ever thought
    about being when it comes to protecting traffic on a per-packet basis.
    802.1x is the equivalent of asking hosts to play nice on the network. IPsec
    *forces* hosts to play nice on the network (if they want to talk to hosts
    secured with it).




    "Pete" <Pete@pete> wrote in message
    news:...
    >
    > "Steve Clark [MSFT]" <> wrote in message
    > news:...
    >> We didn't miss the boat...
    >>
    >> 802.1x is not the answer here: IPsec transport mode is. IPsec works
    >> fine
    >> *with* 802.1x, but 802.1x will not provide end to end protection of
    >> anything.
    >>
    >> IPsec will provide authentication, nonrepudiation, and confidentiality.
    >>
    >> When you look at the majority of threats that these 2 technologies are
    >> designed to protect an enterprise from, IPsec is the hands-down winner.
    >>

    >
    >
    >
    > There you go.
    > So much for the customer is always right.
    >
    >
    > --
    > Pete
    > "Any color you want as long as it's black."
    >
    >
    >>
    >> "Lee" <> wrote in message
    >> news:...
    >> > Greetings.
    >> >
    >> > I have been researching this for some time and have not come up with a
    >> > solution.
    >> > Basically, I would like to configure the interface Authentication

    > settings
    >> > across all clients to use PEAP, along with some other related

    > adjustments.
    >> >
    >> > After downloading and installing Windows 2003 SP1, it appears that
    >> > Microsoft
    >> > has really missed the boat on this. WHY would they include new

    > GPO-based
    >> > features for wireless but not wired interfaces???
    >> >
    >> > Does anyone know of a tool/script that configures Authentication

    > settings
    >> > of
    >> > an interface?
    >> >
    >> > Thanks
    >> >
    >> > - Lee

    >>
    >>

    >
    >
    Steve Clark [MSFT], Mar 4, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Oli
    Replies:
    3
    Views:
    840
  2. =?Utf-8?B?ZGZhdG92aWM=?=

    wireless can't access wired. But Wired can access wireless

    =?Utf-8?B?ZGZhdG92aWM=?=, Feb 4, 2005, in forum: Wireless Networking
    Replies:
    5
    Views:
    1,245
    Carey Holzman
    Feb 5, 2005
  3. wld
    Replies:
    0
    Views:
    668
  4. UFGrayMatter

    Wireless can't see Wired, Wired Can't Access Wireless

    UFGrayMatter, Aug 14, 2006, in forum: Wireless Networking
    Replies:
    0
    Views:
    1,080
    UFGrayMatter
    Aug 14, 2006
  5. Mike Henley

    Wired Tools of 2004 from Wired magazine : the Cameras !!!

    Mike Henley, Dec 6, 2004, in forum: Digital Photography
    Replies:
    0
    Views:
    572
    Mike Henley
    Dec 6, 2004
Loading...

Share This Page