Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Problem with PEAP auth and WinXP SP2 login.

Our problem is getting our XP SP2 clients to log in correctly via wireless, the wireless connection doesn't come up until after the user has logged in so no login scripts, no drives, etc.

Our setup is Win2003 domain using ACS 3.3.3 with a self generated cert. The cert and WLAN settings are deployed via GP's. AP1200's with recent IOS. Clients have a mix of Intel cards with latest drivers/firmwares. Any suggestions?


Re: Problem with PEAP auth and WinXP SP2 login.

If you use windows native client, the problem is that the username/password is associated with an account on the host. The host pc as to log on windows to know witch username/password to use.

To get around that, you have to use a "start before login feature". It's in the intel proset client if you do a custom installation(it wont get install by default).

The other way around this is to use a generic 802.1x client like funk or meetinghouse. Those two support that feature for a wide array of card.

Re: Problem with PEAP auth and WinXP SP2 login.

Thanks for the reply. We don't want to use the Intel client as it's not centrally configurable and using a third party 802.1x client is out due to corporate policy. I know what we have should work as I've used this setup elsewhere without problems.


Re: Problem with PEAP auth and WinXP SP2 login.

From what I tried, after machine authentication succeed, wireless connection should come up and user can login and gets shared drives. I am testing on PEAP auth with XP SP2 client. Did you pass the machine authentication?

Re: Problem with PEAP auth and WinXP SP2 login.

It doesn't look as if machine authentication is working, that seems to be our problem. After the user logs in authentication occurs but by then it's too late for login scripts, etc.