Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

WZC, SSO with User and Machine Auth

Hi All, has anybody experiences with the use of  Wireless Zero Configuration, TLS with Machine Certificates and User Authentication with PEAP via ACS and MS AD? I heard that XP SP3 is able to do that, but cant find any Documentation.

Regards, Michael

3 REPLIES
Cisco Employee

Re: WZC, SSO with User and Machine Auth

You might have a look here:

http://technet.microsoft.com/en-us/library/cc755892%28WS.10%29.aspx

Settings for machine + user auth would be:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global]

"AuthMode"=dword:00000001

"SupplicantMode"=dword:00000003

and in your network interface card properties, in the authentication tab, do not forget to check "authenticate as
computer when computer information is available".

You machine needs to be part of a domain to have machine credentials.

Re: WZC, SSO with User and Machine Auth

Michael,

     I have done PEAP and EAP-TLS with Windows XP SP3 and ACS 5.2 against an Windows 2003 AD Server with no issues and not having to edit the registry. I have a lab that is configured to do exactly that and it authenticates the computer first then the user, if the computer fails authentication then it doesn't permit the user to login. I haven't found a definitive step by step guide to this configuration either. there is a document that has the basic PEAP configuration for WZC and ACS 4.X posted somewhere here that I had created, but that's it..   All my setup information came from bits and pieces extracted from various documents.

Thanks

Kayle

Community Member

Re: WZC, SSO with User and Machine Auth

Guys, thanks a lot. Will set it up in my Lab the Next days.

Bright Regards, Michael

626
Views
10
Helpful
3
Replies
CreatePlease to create content