hit counter script

Enabling Peap (Eap-Mschap V2) Machine Authentication With Machine Credentials - Cisco CB21AG Installation And Configuration Manual

Cisco aironet 802.11a/b/g wireless lan client adapters (cb21ag and pi21ag)
Hide thumbs Also See for CB21AG:
Table of Contents

Advertisement

Chapter 5
Configuring the Client Adapter

Enabling PEAP (EAP-MSCHAP V2) Machine Authentication with Machine Credentials

The Host Based EAP option in the 802.1x EAP Type drop-down box on the Profile Management
(Security) window enables client adapters that are configured through ADU to attempt to log into a
domain using PEAP (EAP-MSCHAP V2) machine authentication with machine credentials. Doing so
enables your computer to connect to the network prior to user logon. Follow these steps to enable this
authentication type.
Note
This procedure enables you to use PEAP (EAP-MSCHAP V2) machine authentication with machine
credentials. If you want to enable PEAP (EAP-MSCHAP V2) machine authentication with user
credentials, follow the instructions in the
Note
Because this feature requires the Microsoft Wireless Configuration Manager to start and stop as you
switch between host-based EAP and non-host-based EAP profiles, it works only for users with
administrator or power-user privileges. An error message appears if you attempt to switch to or from a
host-based EAP profile and you do not have the proper permissions.
Note
To use this feature on a computer running Windows 2000, your computer must have the Microsoft
802.1X supplicant installed.
Host Based EAP is not included in the list of WPA/WPA2/CCKM EAP Type options on the Profile
Note
Management (Security) window in ADU because this feature is not supported for use with WPA or
WPA2.
Step 1
Choose 802.1x under Set Security Options and Host Based EAP in the 802.1x EAP Type drop-down
box.
If you want to change the value of the Group Policy Delay parameter, enter a new value or use the up
Step 2
and down arrows to select a value between 0 and 65535 seconds. (Microsoft supports only values
between 30 and 600 seconds. The default value is 60 seconds.)
The Group Policy Delay parameter specifies how much time elapses before the Windows logon process
starts Group Policy, a Windows feature used by administrators to specify configuration options for
groups of users. The objective is to delay the start of Group Policy until wireless network authentication
occurs. The value that you set for this parameter goes into effect after the computer reboots with this
profile set as the active profile.
Note
Step 3
Click OK to save your settings.
Step 4
Activate this profile on the Cisco Aironet Desktop Utility (Profile Management) window. The Microsoft
Wireless Configuration Manager starts.
Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide
OL-4211-03
A Microsoft hot fix is required in order to use this parameter on computers running Windows
2000. Refer to the
"Installing a Microsoft Hot Fix for Group Policy Delay" section on page 3-20
for information on obtaining and installing the hot fix.
"Enabling PEAP (EAP-MSCHAP V2)" section on page
Setting Security Parameters
5-46.
5-49

Advertisement

Table of Contents
loading

This manual is also suitable for:

Pi21ag

Table of Contents