WPA Enterprise and Domain logon

Forums Network Management ZeroShell WPA Enterprise and Domain logon

  • This topic is empty.
Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #41071

    For some reason, under WinXPsp2, if I move my certificates to the machine container (instead of the user’s one) I cannot access my WPA eap/tls anymore – the certificat being nowere to be seen by Windows.

    I need is to establish a connexion before the Domain logon screen.


    I switched to PEAP authentication as per Paul Taylor documentation. The acces works fine once logged to my domain, but not before.

    If a create a user with the same name and password in ZS and tells the Windows XP client to “Automatically use my logon name and password” Radius gives me this error messages :

    15:49:45 	 Login incorrect: [gnagna] (from client hor-ap-001 port 0 cli 00-18-6E-1E-9F-46)
    15:50:45 rlm_eap: Identity does not match User-Name, setting from EAP Identity.

    What is the EAP Identity? I do not understand that part. Obviously the Windows client (the zeroconf’s one) tried the credentials, which is good. But for some reason got refuses.

    It is possible to “Authenticate as computer when computer information is available”. Is it possible to use that.

    Somehow I think that I would have to use the LDAP as my SAMBA database. Is this possible?


    To solve the problem, i basicly moved away from certificates for the authentication. I beleive that the PEAP/mschap required hashed passord that we found in SAMBA schema.

    Anyway, using securew2 I’m able to do WPA EAP/TTLS with PAP/mschapv2 in an inner tunnel. Works fine for the logon but the user is asked for a user/password once a while. I can live with that for now.

    I believe that this annoyance will be solves once I move my SAMBA backend to zeroshell. I can do that right?

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.