Wireless to a Radius server from a computer not on the domain.

My company would like to have a login for guests to be able to use so they can connect their laptops to wireless and access the internet and nothing else on the network.

Our Authentication is WPA and the Encryption is TKIP. When I set these settings on my test laptop I get an error stating " Windows was unable to find a certificate to log you on to the network".

Ultimately I would prefer not to do certificates for our guests and preferably give them a login to connect to our network wirelessly. I've read that in the Authentication tab for Wireless Networks I can uncheck the "Enable IEEE 802.1x authentication for this network" to bypass certificates but that option is grayed out for me.

Any suggestions or ideas? If you need more information please let me know.
LVL 3
WinsoupAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AnuroopsunddCommented:
can you try to use different authentication method than WPA and the Encryption is TKIP
WinsoupAuthor Commented:
I'd prefer not to. We have a bunch of iPad's, iPhone's, Droids, etc. that connect to the Radius server and are able to use wireless without issue as long as they have sufficient rights. I fear that by changing security I'll knock down the devices that already work.

Laptops (as long as they're on the domain and the user or computer has privileges to connect wirelessly) work fine.

I created a user called "wireless" and gave the wireless user privileges to use wireless. I want a guest to be able to see our wireless, connect to it and sign in as the wireless user so they're able to use our WAN.
AnuroopsunddCommented:
Ok.. so you are using Same SSID for the guest network?
May be another thought you may think of is having different SSID of guest with different subnet and just give them access to Internet.
This simplifies and adds security.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
WinsoupAuthor Commented:
At least I'm on the right path now, thanks Anuroopsundd.

I've created a new SSID and subnet for guest wireless. I'll have to play around on Monday to get everything configured since I haven't had a chance to yet. I'll update you on Monday!
WinsoupAuthor Commented:
Your comments definitely got me rolling down the right path. I'll have to wait until off hours to do more testing and change the encapsulation on the switches to trunk instead of access but I believe I should be fine from here on out. Thanks.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.