WM5 and 802.1X

  • Thread starter Thread starter Randy Smith
  • Start date Start date
R

Randy Smith

Hello,

I have a private CA used for WLAN authentication. My network has the
following:

a.. There is an existing Wireless infrastructure with several access points.
a.. A Windows PKI infrastructure is already in place.
a.. The certificate Authority does not use standard templates.
a.. XP Notebooks are already running on WEP, EAP-TLS for authentication to
the Wireless network.
a.. They enroll the certificates through Windows group policy.
a.. Microsoft's IAS is used for the Radius authentication, and is connected
to the AD with the user accounts.

Along with our Windows XP and 2000 systems we have several Windows Mobile 5
barcode scanners. I'd like to get these devices using the 802.1x WLAN
security. I understand that I will have to manually install the certificate
using a third party installer.

What are some examples of good third party installers for this step?

I would like AD to use a machine or computer certificate to authenticate a
barcode scanner. Is this possible?

If I must use personal certificates and authenticate to AD via the RADIUS
server what is the best way to setup the user accounts? Several users will
be using the barcode scanners and I do not want to assign scanners to
users...they will just grab one from a pool that is available.

I do want to be able to track connections and network changes back to a
particular device/user. What is a good way to accomplish this?

If anyone has any documentation or web links that could help with any of
these questions it would be a huge help. Thanks in advance!


Randy
 
I used this one:

http://www.jacco2.dds.nl/networking/p12imprt.html


--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *


"Randy Smith" <smittyrt@gmail.com> wrote in message
news:OFQ9UfNwIHA.4476@TK2MSFTNGP06.phx.gbl...
> Hello,
>
> I have a private CA used for WLAN authentication. My network has the
> following:
>
> a.. There is an existing Wireless infrastructure with several access
> points.
> a.. A Windows PKI infrastructure is already in place.
> a.. The certificate Authority does not use standard templates.
> a.. XP Notebooks are already running on WEP, EAP-TLS for authentication to
> the Wireless network.
> a.. They enroll the certificates through Windows group policy.
> a.. Microsoft's IAS is used for the Radius authentication, and is
> connected to the AD with the user accounts.
>
> Along with our Windows XP and 2000 systems we have several Windows Mobile
> 5 barcode scanners. I'd like to get these devices using the 802.1x WLAN
> security. I understand that I will have to manually install the
> certificate using a third party installer.
>
> What are some examples of good third party installers for this step?
>
> I would like AD to use a machine or computer certificate to authenticate a
> barcode scanner. Is this possible?
>
> If I must use personal certificates and authenticate to AD via the RADIUS
> server what is the best way to setup the user accounts? Several users
> will be using the barcode scanners and I do not want to assign scanners to
> users...they will just grab one from a pool that is available.
>
> I do want to be able to track connections and network changes back to a
> particular device/user. What is a good way to accomplish this?
>
> If anyone has any documentation or web links that could help with any of
> these questions it would be a huge help. Thanks in advance!
>
>
> Randy
>
 
Back
Top