Wired Authentication issues.

Discussion in 'Wireless Networking' started by Derek, Dec 1, 2006.

  1. Derek

    Derek Guest

    Hello,



    I have set up Windows 2003 R2 Certificate Services along with IAS to enable
    port authentication. I have used the "Securing Wireless LANs with
    Certificate Services" Build guide and "Deployment of IEEE 802.1X for Wired
    Networks Using Microsoft Windows" as guides to configure everything. The
    client computers are Windows 2000 SP4 and Windows XP SP2.



    I have configured a Version 1 Computer template and the client machines are
    all getting their certificates. Once a machine has a certificate after the
    first reboot the machine will authenticate with the port and allow access.
    Upon subsequent reboots Windows come back with the error "Windows was unable
    to find a certificate to log you on to the network." When I look in the
    computers certificates the computer does in fact have a certificate. The
    IAS server does not see an authentication request as the client does not
    send one. The Wireless configuration services are running and the
    authentication options for the network adapter are set to "Authenticate as
    computer when computer information is available"



    Any ideas?, Am I using the wrong certificate?



    Thanks in Advance



    Derek
    Derek, Dec 1, 2006
    #1
    1. Advertising

  2. Hi Derek --

    I am a little confused -- are you deploying 802.1X Ethernet (wired) or
    802.1X wireless? Or maybe you are doing both. I ask because you mention
    both a wireless and wired guide in your first paragraph below.

    Which client (wired or wireless) are you having problems with?

    Thanks for any additional information you can provide.

    "Derek" <> wrote in
    news::

    > Hello,
    >
    >
    >
    > I have set up Windows 2003 R2 Certificate Services along with IAS to
    > enable port authentication. I have used the "Securing Wireless LANs
    > with Certificate Services" Build guide and "Deployment of IEEE 802.1X
    > for Wired Networks Using Microsoft Windows" as guides to configure
    > everything. The client computers are Windows 2000 SP4 and Windows XP
    > SP2.
    >
    >
    >
    > I have configured a Version 1 Computer template and the client
    > machines are all getting their certificates. Once a machine has a
    > certificate after the first reboot the machine will authenticate with
    > the port and allow access. Upon subsequent reboots Windows come back
    > with the error "Windows was unable to find a certificate to log you on
    > to the network." When I look in the computers certificates the
    > computer does in fact have a certificate. The IAS server does not see
    > an authentication request as the client does not send one. The
    > Wireless configuration services are running and the authentication
    > options for the network adapter are set to "Authenticate as computer
    > when computer information is available"
    >
    >
    >
    > Any ideas?, Am I using the wrong certificate?
    >
    >
    >
    > Thanks in Advance
    >
    >
    >
    > Derek
    >
    >
    >
    >
    >




    --
    James McIllece, Microsoft

    Please do not send email directly to this alias. This is my online account
    name for newsgroup participation only.

    This posting is provided "AS IS" with no warranties, and confers no rights.
    James McIllece [MS], Dec 1, 2006
    #2
    1. Advertising

  3. Derek

    Derek Guest

    I am trying to get wired working first, then wireless. All I need at this
    point is to get the wired clients to authenticate to the port. Once I have
    that working then I will built a guest vlan for un-authenticated users.
    "James McIllece [MS]" <> wrote in message
    news:Xns988C919EF406jamesmcionlinemicros@207.46.248.16...
    > Hi Derek --
    >
    > I am a little confused -- are you deploying 802.1X Ethernet (wired) or
    > 802.1X wireless? Or maybe you are doing both. I ask because you mention
    > both a wireless and wired guide in your first paragraph below.
    >
    > Which client (wired or wireless) are you having problems with?
    >
    > Thanks for any additional information you can provide.
    >
    > "Derek" <> wrote in
    > news::
    >
    >> Hello,
    >>
    >>
    >>
    >> I have set up Windows 2003 R2 Certificate Services along with IAS to
    >> enable port authentication. I have used the "Securing Wireless LANs
    >> with Certificate Services" Build guide and "Deployment of IEEE 802.1X
    >> for Wired Networks Using Microsoft Windows" as guides to configure
    >> everything. The client computers are Windows 2000 SP4 and Windows XP
    >> SP2.
    >>
    >>
    >>
    >> I have configured a Version 1 Computer template and the client
    >> machines are all getting their certificates. Once a machine has a
    >> certificate after the first reboot the machine will authenticate with
    >> the port and allow access. Upon subsequent reboots Windows come back
    >> with the error "Windows was unable to find a certificate to log you on
    >> to the network." When I look in the computers certificates the
    >> computer does in fact have a certificate. The IAS server does not see
    >> an authentication request as the client does not send one. The
    >> Wireless configuration services are running and the authentication
    >> options for the network adapter are set to "Authenticate as computer
    >> when computer information is available"
    >>
    >>
    >>
    >> Any ideas?, Am I using the wrong certificate?
    >>
    >>
    >>
    >> Thanks in Advance
    >>
    >>
    >>
    >> Derek
    >>
    >>
    >>
    >>
    >>

    >
    >
    >
    > --
    > James McIllece, Microsoft
    >
    > Please do not send email directly to this alias. This is my online
    > account
    > name for newsgroup participation only.
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    Derek, Dec 1, 2006
    #3
  4. Derek

    Derek Guest

    Also if I understand correctly it should not matter if the client is
    wireless or wired as the certificate is the same. I want to do only
    computer certificates not user.
    "James McIllece [MS]" <> wrote in message
    news:Xns988C919EF406jamesmcionlinemicros@207.46.248.16...
    > Hi Derek --
    >
    > I am a little confused -- are you deploying 802.1X Ethernet (wired) or
    > 802.1X wireless? Or maybe you are doing both. I ask because you mention
    > both a wireless and wired guide in your first paragraph below.
    >
    > Which client (wired or wireless) are you having problems with?
    >
    > Thanks for any additional information you can provide.
    >
    > "Derek" <> wrote in
    > news::
    >
    >> Hello,
    >>
    >>
    >>
    >> I have set up Windows 2003 R2 Certificate Services along with IAS to
    >> enable port authentication. I have used the "Securing Wireless LANs
    >> with Certificate Services" Build guide and "Deployment of IEEE 802.1X
    >> for Wired Networks Using Microsoft Windows" as guides to configure
    >> everything. The client computers are Windows 2000 SP4 and Windows XP
    >> SP2.
    >>
    >>
    >>
    >> I have configured a Version 1 Computer template and the client
    >> machines are all getting their certificates. Once a machine has a
    >> certificate after the first reboot the machine will authenticate with
    >> the port and allow access. Upon subsequent reboots Windows come back
    >> with the error "Windows was unable to find a certificate to log you on
    >> to the network." When I look in the computers certificates the
    >> computer does in fact have a certificate. The IAS server does not see
    >> an authentication request as the client does not send one. The
    >> Wireless configuration services are running and the authentication
    >> options for the network adapter are set to "Authenticate as computer
    >> when computer information is available"
    >>
    >>
    >>
    >> Any ideas?, Am I using the wrong certificate?
    >>
    >>
    >>
    >> Thanks in Advance
    >>
    >>
    >>
    >> Derek
    >>
    >>
    >>
    >>
    >>

    >
    >
    >
    > --
    > James McIllece, Microsoft
    >
    > Please do not send email directly to this alias. This is my online
    > account
    > name for newsgroup participation only.
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    Derek, Dec 1, 2006
    #4
  5. OK, so you need to verify that you have the CA cert in the Trusted Root
    Certification Authorities certificate store on the client.

    Also verify that the server cert is properly formed (if you can configure
    it in a remote access policy in IAS it is probably OK) and that the client
    certs are too.

    You can find the minimum server and client cert requirements in the IAS
    Help topic "Network access authentication and certificates."


    "Derek" <> wrote in
    news::

    > I am trying to get wired working first, then wireless. All I need at
    > this point is to get the wired clients to authenticate to the port.
    > Once I have that working then I will built a guest vlan for
    > un-authenticated users. "James McIllece [MS]"
    > <> wrote in message
    > news:Xns988C919EF406jamesmcionlinemicros@207.46.248.16...
    >> Hi Derek --
    >>
    >> I am a little confused -- are you deploying 802.1X Ethernet (wired)
    >> or 802.1X wireless? Or maybe you are doing both. I ask because you
    >> mention both a wireless and wired guide in your first paragraph
    >> below.
    >>
    >> Which client (wired or wireless) are you having problems with?
    >>
    >> Thanks for any additional information you can provide.
    >>
    >> "Derek" <> wrote in
    >> news::
    >>
    >>> Hello,
    >>>
    >>>
    >>>
    >>> I have set up Windows 2003 R2 Certificate Services along with IAS to
    >>> enable port authentication. I have used the "Securing Wireless LANs
    >>> with Certificate Services" Build guide and "Deployment of IEEE
    >>> 802.1X for Wired Networks Using Microsoft Windows" as guides to
    >>> configure everything. The client computers are Windows 2000 SP4 and
    >>> Windows XP SP2.
    >>>
    >>>
    >>>
    >>> I have configured a Version 1 Computer template and the client
    >>> machines are all getting their certificates. Once a machine has a
    >>> certificate after the first reboot the machine will authenticate
    >>> with the port and allow access. Upon subsequent reboots Windows come
    >>> back with the error "Windows was unable to find a certificate to log
    >>> you on to the network." When I look in the computers certificates
    >>> the computer does in fact have a certificate. The IAS server does
    >>> not see an authentication request as the client does not send one.
    >>> The Wireless configuration services are running and the
    >>> authentication options for the network adapter are set to
    >>> "Authenticate as computer when computer information is available"
    >>>
    >>>
    >>>
    >>> Any ideas?, Am I using the wrong certificate?
    >>>
    >>>
    >>>
    >>> Thanks in Advance
    >>>
    >>>
    >>>
    >>> Derek
    >>>
    >>>
    >>>
    >>>
    >>>

    >>
    >>
    >>
    >> --
    >> James McIllece, Microsoft
    >>
    >> Please do not send email directly to this alias. This is my online
    >> account
    >> name for newsgroup participation only.
    >>
    >> This posting is provided "AS IS" with no warranties, and confers no
    >> rights.

    >
    >




    --
    James McIllece, Microsoft

    Please do not send email directly to this alias. This is my online account
    name for newsgroup participation only.

    This posting is provided "AS IS" with no warranties, and confers no rights.
    James McIllece [MS], Dec 4, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?ZGZhdG92aWM=?=

    wireless can't access wired. But Wired can access wireless

    =?Utf-8?B?ZGZhdG92aWM=?=, Feb 4, 2005, in forum: Wireless Networking
    Replies:
    5
    Views:
    1,216
    Carey Holzman
    Feb 5, 2005
  2. Rafael
    Replies:
    1
    Views:
    3,118
  3. UFGrayMatter

    Wireless can't see Wired, Wired Can't Access Wireless

    UFGrayMatter, Aug 14, 2006, in forum: Wireless Networking
    Replies:
    0
    Views:
    1,055
    UFGrayMatter
    Aug 14, 2006
  4. Mike Henley

    Wired Tools of 2004 from Wired magazine : the Cameras !!!

    Mike Henley, Dec 6, 2004, in forum: Digital Photography
    Replies:
    0
    Views:
    537
    Mike Henley
    Dec 6, 2004
  5. eaglehk
    Replies:
    0
    Views:
    1,025
    eaglehk
    Nov 23, 2009
Loading...

Share This Page