Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

802.1x Without Certificates

Posted on 2013-02-04
2
Medium Priority
?
714 Views
Last Modified: 2013-02-05
Hi Experts,

I am using 802.1x to authenticate domain users through NPS and RADIUS.
This is currently working, with certificates however and I do not wish to use certificates.

I do not wish to use certificates because that means I need to either deploy the certificate via GPO which I cannot do since not all the machines are part of the domain.
OR
I have to manually install the certificate on all the devices which is not an option.
OR
I have to do what I am doing currently and uncheck the "validate certificate" option on each client manually.

So I basically want to do exactly what I am doing now but without certificates.

All help appreciated!
0
Comment
Question by:Gex010
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 41

Accepted Solution

by:
footech earned 1500 total points
ID: 38851494
You don't mention what authentication method you're using, but whether you're using (P)EAP-TLS or PEAP-MSCHAPv2, they both require a certificate on the NPS.  Your only options for the clients are to get them to trust the NPS cert, uncheck the "validate server certificate" box, or use a cert for the NPS from a publicly trusted CA (which the clients will already trust).  If you don't want certificates at all, don't use 802.1x.
0
 

Author Closing Comment

by:Gex010
ID: 38854180
I figured I wouldn't have much of a choice but I will stick with 802.1x since this is for a BYOD solution and so far Macbooks, android and apple mobile devices are all able to bypass the problem by offering a pop up to ignore the certificate, including windows mobile devices, so hopefully Windows 8 will get around this problem.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question