Hello guys, I have just configured a radius server, active directory domain controller and certificate server on one windows 2003 pc. I have generate a self-signed digital certificate and used certificate server to generate a root certificate from it. I have exported it as a 'public key only' and saved it on the desktop of the radius server.
1) I configure the radius server policy to accept connections from wireless and Ethernet connections using 'PEAP'
2) And that the user must supply a user name and password from active directory. Before entering the network.
3) I am planning on using 802.1x port security ( config-if # dot1x port-security auto )on the switch connecting to the pc
4) i am planning on pointint the switch to server and server to switch. i will also configure the client network cards for PEAP.
What I don't know is how will the client pc get this certificate that is on my radius server? Do they need to have a copy on their own machines for them to be able to communicate with the server? This is where I am lost