Solved

802.1x Without Certificates

Posted on 2013-02-04
2
705 Views
Last Modified: 2013-02-05
Hi Experts,

I am using 802.1x to authenticate domain users through NPS and RADIUS.
This is currently working, with certificates however and I do not wish to use certificates.

I do not wish to use certificates because that means I need to either deploy the certificate via GPO which I cannot do since not all the machines are part of the domain.
OR
I have to manually install the certificate on all the devices which is not an option.
OR
I have to do what I am doing currently and uncheck the "validate certificate" option on each client manually.

So I basically want to do exactly what I am doing now but without certificates.

All help appreciated!
0
Comment
Question by:Gex010
2 Comments
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 38851494
You don't mention what authentication method you're using, but whether you're using (P)EAP-TLS or PEAP-MSCHAPv2, they both require a certificate on the NPS.  Your only options for the clients are to get them to trust the NPS cert, uncheck the "validate server certificate" box, or use a cert for the NPS from a publicly trusted CA (which the clients will already trust).  If you don't want certificates at all, don't use 802.1x.
0
 

Author Closing Comment

by:Gex010
ID: 38854180
I figured I wouldn't have much of a choice but I will stick with 802.1x since this is for a BYOD solution and so far Macbooks, android and apple mobile devices are all able to bypass the problem by offering a pop up to ignore the certificate, including windows mobile devices, so hopefully Windows 8 will get around this problem.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I was asked to look into SCCM 2007 by my employer, having a degree of experience of earlier versions of SMS and some previous SCCM knowledge I didn't expect the procedure to involve to much time. I read a number of guides concerning it…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now