Is there a way for XP laptops to connect to a RADIUS server without a certificate?
At work we have multiple locations each with their own separate network. I would like users to be able to connect to the wireless network using their e-mail address and password. I have a test access point setup pointed to a FreeRADIUS server I installed and my linux laptop and Android phone can connect to it fine but Windows XP doesn't prompt for a username or password and keeps throwing up a dialog saying it can't find a certificate. If I check the server, it says XP is sending an empty username and password.
Is there some kind of protocol I can switch to on the server(or something) that would let XP connect without:
A) a certificate
B) configuration changes on the laptop
Is there some kind of protocol I can switch to on the server(or something) that would let XP connect without:
A) a certificate
B) configuration changes on the laptop
Toxacon
You are propably using EAP-TLS, which requires a certificate. You need to modify the client settings if the only method is EAP at the client. You can always try by disabling EAP method from the RADIUS server and enabling other. Do not use PAP on wireless, because passwords are sent in cleartext.
ASKER
Ok, do you know what method works under xp and doesn't require a cert?
If your RADIUS supports MS-CHAP v2 then you can use it for PEAP.
ASKER
Testing it now but the server keeps returning noop when hitting the mschap module.
Can you install Microsoft IAS (NPS if Win2008 or R2) instead of the FreeRADIUS?
ASKER
Tried it under Win2003, had the same issue. Tried to generate a server-side certificate to see if that would fix things but had some problems.
Installed Win2008, had the same issue but didn't get a chance to generate a cert before the day ended. Will try it tomorrow morning and see what happens.
Installed Win2008, had the same issue but didn't get a chance to generate a cert before the day ended. Will try it tomorrow morning and see what happens.
ASKER
Tried it under Win2008, followed a MS walkthrough(http://www.microsoft.com/downloads/en/details.aspx?familyid=0f7fa9a2-e113-415b-b2a9-b6a3d64c48f5&displaylang=en)
I had to made some adjustments since it was written for 2003 but I still get the same problem. Tells me certificate not found despite which protocol I select.
Tried it on another computer running WinXP SP3 and got the exact same thing.
I had to made some adjustments since it was written for 2003 but I still get the same problem. Tells me certificate not found despite which protocol I select.
Tried it on another computer running WinXP SP3 and got the exact same thing.
ASKER
Tried again. Win2008 server and found another walk-through for Win2008 server and still getting the same thing.
I can't find any way to get XP to connect to a RADIUS server without somehow modifying XP.
I can't find any way to get XP to connect to a RADIUS server without somehow modifying XP.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
What sought a solution for was not possible.