802.1x wired deployment on xp & win2k clients

Unanswered Question
Jun 9th, 2010
User Badges:

We have already got this working, but need to find a way to push the network card settings out to all of the client machines. By network card settings, I mean that we need to tell the network card to use 802.1x authentication and we need to tell it which certificate to use. We need to be able to do this remotely via using some sort of script or GPO as there are too many machines to go around and do this manually. Does anybody have any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 06/09/2010 - 09:48
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Mark


You don't say which server version you are using but if it is 2008 you can use GPO, see this link -


2008 GP 802.1x


it should be said that this is really a Microsoft question rather than Cisco, so if you are not using 2008 it may be a good idea to search technet for your particular server version. GPO for wired 802.1x was not supported for quite a while by Microsoft because they recommended using IPSEC for wired clients and only 802.1x for wireless.


Jon

Jon Marshall Wed, 06/09/2010 - 11:55
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Mark


Might be worth having a quick search of Technet/Google for 2003 GPO 802.1x wired.


Jon

Mark Bowyer Wed, 06/09/2010 - 11:56
User Badges:

ah, looks like the group policy options in 2008 only work with XP and above. Anybody know any way of doing it on win2k machines?

Jon Marshall Wed, 06/09/2010 - 11:59
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

markbwyr1983 wrote:


ah, looks like the group policy options in 2008 only work with XP and above. Anybody know any way of doing it on win2k machines?


Mark


Not trying to put you off but you might be better either -


1) moving this thread or reposting to the wireless forums where there may well be people who can answer your question


or


2) posting question on Microsoft forums


This forum is specifically to do with LAN switches and routers which is not really related to what you are doing.


Jon

Chetan Kumar Ress Fri, 06/11/2010 - 08:56
User Badges:
  • Silver, 250 points or more

Hi Mark


As per me i dont think that there is any script that can unable Dot1.x in network card setting.


But you can push the certificate through GPO in Win 2003 Server. When user will login then it will promt that whether you wnat to use this certificate or not , But you can't force directly that the certificate should enable .


https://support.smoothwall.net/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=180


Please refer the below link.


Regards

Chetan Kumar

Actions

This Discussion