I am pretty sure there is no way to push keys/passphrases to clients via group policy. Does anyone have a solution to have clients automatically authenticate with wireless devices? I was looking towards radius and wanted to get some opinions or advice. I am running a Server 2003 R2/XP SP3 environment.

Thanks.

Actually, we created a Group called "Wireless" & a Group Policy which only that group can execute.  In the GPO, go to Windows\Security\Wirless Network & setup your Wireless Policy.  We acutally use a Radius Server in conjunction with this & be sure to check "Enable IEEE 802.1x authentication & use PEAP for EAP Type.  I can try to find you some documentation if you need some additional help.

---

Ryan Patel
Sr. Network Engineer|BS|MCSE|CCNA

I am new to this arena and could use the help. So are you pushing keys or pass phrases? The end goal is to not have users typing in keys or pass phrases. Thanks for the help.

There is not a key or passphrase because you would be using RADIUS authentication which you can integrate with your Windows Domain logins.

---

Ryan Patel
Sr. Network Engineer|BS|MCSE|CCNA

Gotcha. Would you happen to have a "how to" or guide on setting this up? I built a W2K3 Enterprise virtual server and installed IAS, IIS, DNS, and made it a domain controller. I am wanting to build up a test environment to get it down and then push it to the production environment once I am confortable. It appears I need WAPs that support RADIUS, as well.

Thanks for the help.

http://www.hansenonline.net/Networking/wlanradius.html

This might get you started...

---

Ryan Patel
Sr. Network Engineer|BS|MCSE|CCNA

harcuvar:

 I built a W2K3 Enterprise virtual server and installed IAS, IIS, DNS, and made it a domain controller. I 

Not sure if this is just the test environment, but just so you know, installing IIS etc, on a DC is a no no :)

It's all a virtual test environment.

Okay so I am getting very frustrated at this point. I followed the tech republic's ultimate guide to wlan security pdf. I did everything it asks and I have retried it several times but my xp client just keeps trying to validate and never makes it. It keeps telling me to click ok to verify credentials but that's as far as I get. Please help. When I changed the port on the AP from 1812 to 1645 it worked once and then failed. Hmm...??? When I setup the XP client manually things seem to work, but when I try to deploy the settings, they never seem to match, in particular the trusted root certification authority isn't checked, even though I specify it in the GPO.

 

Ryan, in response to your setup, did you use certificates with PEAP or just PEAP? My clients all connect after a reboot but then drop the wireless connection after about 1 minute.

I got it all working. I think I will do a write up for others to use since most write ups are not for medium businesses and don't lean towards self signed certs.

Harcuvar

 When you get that write up done, shoot it off in an email to myself or Dan, and we can get it up on the 'blog' section If thats cool with you ? :)

 Thanks !