We use 802.1x through a Cisco WLC 4402 connected to an ACS server. The EAP is PEAP-MSCHAPv2. Right now the accounts on ACS are local to the ACS server--it's not a member of the domain that the computer labs live in. We'll be trying "wait for the network" first. If that doesn't work, maybe we'll put an ACS server in the computer lab domain. Thanks John
-----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Mike King Sent: Wednesday, January 20, 2010 5:15 PM To: [email protected] Subject: Re: [WIRELESS-LAN] wireless labs I don't have a silver bullet answer because I would need more information. 1. Are you using 802.1x or just PSK? 2. What kind of EAP if you are using 802.1x (PEAP)? 3. What is your RADIUS server (if using 802.1x)? Machine Authentication is where I'm leading with those questions. For the short term, this might help (or really hurt) (I'm cribbing these notes from Cisco's NAC / Logon scrip FAQ) http://www.cisco.com/en/US/products/ps6128/products_configuration_exampl e09186a0080a70c18.shtml Ensure that the computer waits for the network to be available at the computer startup and logon. This GPO policy can be configured under Domain Policy > Computer Configuration > Administrative Templates > System > Logon. On Wed, Jan 20, 2010 at 5:01 PM, John York <[email protected]> wrote: Hi We are moving some of our labs from wired to wireless, but running into problems with the windows client. (We run Vista in our labs now, hopefully will change to 7 before long.) At present the machines autologin with cached credentials, then they authenticate to the wireless network. This causes problems in drive mapping and running group policies. We're trying to find a way to authenticate to the wireless at the machine level before any of the user level stuff runs. Years ago we did this with the Funk Odyssey client. Is there a way to do that through windows, or does it still require a third-party client? Thanks John ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
