windows7 machine authentication
alois.blasbichler at sb-brixen.it
Tue Aug 24 17:09:38 CEST 2010
My situation is :
I dont want user certificates for the clients to authenticate.
I configure my freeradius that only laptops in my domain can login to
my wireless - safe enaugth - so all private laptops and strange
laptops dont enter in my network. Only latops that a Administrator
connect to the domain can login.
So far all worked ok till windows 7.
If i need i can create a server certificate and import this on my
clients but i dont want use "client certificates".
so Windows 7 works with EAP-TLS and PEAP only with a server zertificate ?
Can you give me som link where can i read how to configure win7 for wlan?
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html a server
> Strictly speaking this is actually true, However! You need to understand
> what is happening:
> 1) Win7 will not connect to a wireless network that is secured with a
> certificate enabled protocol without some prior configuration, period.
> This means that is you set up an AP using 802.1x with FreeRADIUS
> (or any server) as your AAA server your windows 7 (and Vista AFAIK) WILL
> Authenticate successfully unless you specifically configure the
> client to do so. Gone are the days of click through protected WiFi
> setups in Windows.
> I have purchased a cert from thawte hoping that my clients will
> trust it and allow the connection without manually touching each machine
> but alas, no.
> 2) once correctly configured (depending on the auth protocol you are
> using) the client will accept the server's cert (the reason the auth is
> failing now) and
> send back its own cert for the server to inspect (if needed by
> the protocol).
More information about the Freeradius-Users