General discussion


802.1x WPA in Windows Domain

By tterry ·
I have setup wireless AP's which laptops connect to using 802.1x Authentication with WPA (TKIP) encryption. My problem is that 802.1x authentication has to occur to open a wireless connection to the network, therefore users are unable to logon to the domain as this is attempted before 802.1x authenticates.
There are 3rd party clients available from companies like Funk, but it is $59.00 per license. I an looking for a modified gina.dll which allows 802.1x to authicate before logging onto the domain.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

802.1x solution?

by jasonwright365 In reply to 802.1x WPA in Windows Dom ...

I have been looking for the same solution to the problem of authenticating 802.1x using a gina. I'm assuming that you would like a .dll for authenticating with mschapv2. It seems that Microsoft has APIs and dlls for eap authentication. Google "EAP API" You could write your own dll for authentication.
Admittedly, this doesn't seem like a very practical solution. I'm interested in writing a dll which would make this easier for windows. I plan to GPL my code and efforts.
If you would like to help subsidize my efforts, it would give me more incentive to write this application. Give me a note back, if you're interested.

Collapse -

the same problem ...

by christian-hohmann In reply to 802.1x solution?

Hi tterry, hi jasonwright,

I am working on an academic project dealing with the same problem, not on wlan, but on lan. The problem seems to be the same, Windows wants first to connect with the domain-controller but has no access to it until 802.1x is done.

Have you solved the problem? I would be very glad if you could give me a hint.

Kind Regards - Christian

Collapse -

802.1X authentication

by jasonwright365 In reply to the same problem ...

Sorry I haven't gotten back sooner. I have not solved this problem. The way to solve this problem is to use a different login gina. msgina.dll handles authentication to the computer. To get the authentication to use 802.1X instead of active directory or the local password hashes requires a rewrite of the library. Cisco recently acquired a company (Meetinghouse I think the name is) which does this (and more), but their software costs $30-50 per computer. pGina is an application which is open source and allows modules to be written for authentication. So far, none have been written for 802.1X. So to accomplish this project, you will need to write a module which authenticates via 802.1X. Now there are a number of authentication methods for 802.1X (just google it) but the password-based authentication which already has support for XP is EAP/MSCHAPv2. good luck. If you'd like some more info, email me at my gmail account with the same username. jasonwright365

Collapse -

computer authentication

by tech-rex In reply to the same problem ...

does it not have the option to authenticate as computer ( member of the domain )

Collapse -

same problem faced with the Wired Lan

by rajiv_2_s In reply to 802.1x WPA in Windows Dom ...

Did you got any solution to your problem. please give me some hint, bcoz i m also stuck with the similar problem.

Related Discussions

Related Forums