A
Andrew
Anyone know if there is a way to specify separate AuthMode and
SupplicantMode values (in
HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global\AuthMo
de) for wired and wireless networks?
We're running 802.1x on both wired and wireless, but on the wireless side we
just want to do computer authentication and on the wired side we want to do
both computer and user authentication. It looks like I'm out of luck
because there's only one place to set the AuthMode setting and both
connections use it.
This is confusing though:
<quote from
http://www.microsoft.com/technet/itsolutions/network/wifi/wififaq.mspx?pf=true >
Q.What is the purpose of the SupplicantMode registry value?
A.The SupplicantMode registry value
(HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters
\General\Global\SupplicantMode) affects the behavior of an 802.1X supplicant
when sending EAP over LAN (EAPOL)-Start packets during 802.1X
authentication. The SupplicantMode value can be set to the following:
..0 - Disable IEEE 802.1X operation.
..1 - Never send an EAPOL-Start packet.
..2 - Automatically determine when to initiate the transmission of
EAPOL-Start packets. This is the default value for wired connections.
..3 - Send an EAPOL-Start message upon association to initiate the 802.1X
authentication process, for compliance with the IEEE 802.1X specification.
This is the default value for wireless connections.
</quote>
Notice how it says a setting of 2 is for wired connections is the default
and a setting of 3 is for wireless. ow can it have two different defaults if
it only allows you one place to set it for ALL connections?! I must be
missing something here...
-Andrew
SupplicantMode values (in
HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global\AuthMo
de) for wired and wireless networks?
We're running 802.1x on both wired and wireless, but on the wireless side we
just want to do computer authentication and on the wired side we want to do
both computer and user authentication. It looks like I'm out of luck
because there's only one place to set the AuthMode setting and both
connections use it.
This is confusing though:
<quote from
http://www.microsoft.com/technet/itsolutions/network/wifi/wififaq.mspx?pf=true >
Q.What is the purpose of the SupplicantMode registry value?
A.The SupplicantMode registry value
(HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters
\General\Global\SupplicantMode) affects the behavior of an 802.1X supplicant
when sending EAP over LAN (EAPOL)-Start packets during 802.1X
authentication. The SupplicantMode value can be set to the following:
..0 - Disable IEEE 802.1X operation.
..1 - Never send an EAPOL-Start packet.
..2 - Automatically determine when to initiate the transmission of
EAPOL-Start packets. This is the default value for wired connections.
..3 - Send an EAPOL-Start message upon association to initiate the 802.1X
authentication process, for compliance with the IEEE 802.1X specification.
This is the default value for wireless connections.
</quote>
Notice how it says a setting of 2 is for wired connections is the default
and a setting of 3 is for wireless. ow can it have two different defaults if
it only allows you one place to set it for ALL connections?! I must be
missing something here...
-Andrew