Problem with PEAP-MSCHAPv2 when enabling/disabling wi-fi connection

Discussion in 'Wireless Networking' started by d.marcoz, Aug 7, 2006.

  1. d.marcoz

    d.marcoz Guest

    Hi, I have a problem with wireless network with PEAP-MSCHAPv2.
    I use FreeRadius for RADIUS Authentication and Windows XP SP2 as client
    with CISCO 1120b as AP.
    When I connect the first time the wireless network, I insert the
    parameters (SSID, Auth type...) the system after discover the wireless
    network ask me for the server certificate verify, when i click yes the
    system prompt me for user and password, I insert my credentials and
    well it function.
    But when I reboot my notebook or when I disconnect the user, at the
    next time the system don't associate the client, and don't prompt me
    for the certificate validation. The system remains in "attempt to
    authentication..."
    Sorry for my English but I home that my explanation it's
    comprehensible.
    Thank's for any suggestions...
    Bye

    David
     
    d.marcoz, Aug 7, 2006
    #1
    1. Advertisements

  2. d.marcoz

    Gary Guest

    Can you give a few more details on what you've set up? Are you using a
    domain controller, group policies, etc.? Are you using IAS or other RADIUS
    server? How are you deploying certificates -- manually or via group
    policy? It is no small feat but we managed to use all of Microsoft's white
    papers to get PEAP-MSCHAPv2 working for us. It involved, among other
    things, setting up certificate servers to deploy certs for just the IAS
    servers, not individuals or workstations. This is a good place to start:
    http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/ed80211.mspx

    However, if you have a small user base (e.g. less than 20 or so), you
    might want to just use something simple like WPA2 Personal aka WPA2-PSK
    (Pre-Shared Key). This would save you the time of setting up certs, IAS,
    etc. Cisco's site has some good documentation for this sort of thing as
    well. But don't forget to install the WPA2 hotfix on your XP systems:
    http://support.microsoft.com/?id=893357

    -Gary
     
    Gary, Aug 9, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.