Go Back   AnandTech Forums > Hardware and Technology > Networking

Forums
· Hardware and Technology
· CPUs and Overclocking
· Motherboards
· Video Cards and Graphics
· Memory and Storage
· Power Supplies
· Cases & Cooling
· SFF, Notebooks, Pre-Built/Barebones PCs
· Networking
· Peripherals
· General Hardware
· Highly Technical
· Computer Help
· Home Theater PCs
· Consumer Electronics
· Digital and Video Cameras
· Mobile Devices & Gadgets
· Audio/Video & Home Theater
· Software
· Software for Windows
· All Things Apple
· *nix Software
· Operating Systems
· Programming
· PC Gaming
· Console Gaming
· Distributed Computing
· Security
· Social
· Off Topic
· Politics and News
· Discussion Club
· Love and Relationships
· The Garage
· Health and Fitness
· Merchandise and Shopping
· For Sale/Trade
· Hot Deals with Free Stuff/Contests
· Black Friday 2014
· Forum Issues
· Technical Forum Issues
· Personal Forum Issues
· Suggestion Box
· Moderator Resources
· Moderator Discussions
   

Reply
 
Thread Tools
Old 11-08-2012, 10:21 AM   #1
RadiclDreamer
Diamond Member
 
RadiclDreamer's Avatar
 
Join Date: Aug 2004
Posts: 8,038
Default Prelogin Wireless options?

I've been using the intel proset wireless utility to have pre-login connection with XP machines. Now when trying to do the same thing with windows 7 it gives 2 separate login boxes which confuses our users.

What is the most simple way to accomplish pre login persistent connections with intel cards? My goal is to have the wireless behave like hardwired as much as is possible. I also need to make sure I leave the users the ability to select other wireless networks when away from the office, am I asking too much here or is this possible?
__________________
CCENT, CCNA, A+, Net+
RadiclDreamer is offline   Reply With Quote
Old 11-08-2012, 10:33 AM   #2
spidey07
No Lifer
 
spidey07's Avatar
 
Join Date: Aug 2000
Posts: 65,443
Default

It's possible, you have windows login as a machine account/machine auth and then it will switch to user auth once they login. Of course you'll need to have all your RADIUS up to snuff to allow it to happen.
__________________
___
(\__/)
(='.'=)
(")_(")
spidey07 is offline   Reply With Quote
Old 11-08-2012, 10:40 AM   #3
imagoon
Diamond Member
 
imagoon's Avatar
 
Join Date: Feb 2003
Location: Chicagoland, IL
Posts: 4,674
Default

Basically what spidey said:

Get RADIUS up, give the computer accounts wireless log in rights and they can log in. Certificates are by far better suited for this but GPO (i think been awhile) give "local systems" the wireless rights it needs to allow the computer accounts to log in (IE password / WPA2 settings etc). Once the user signs in, the wireless connection switches to user account.

Getting this set up correctly adds bonus points because the users windows account and password becomes wireless account and password, so the user never sees a login box, they just "automagically" end up on the wireless.

Last edited by imagoon; 11-08-2012 at 10:42 AM.
imagoon is online now   Reply With Quote
Old 11-08-2012, 01:15 PM   #4
RadiclDreamer
Diamond Member
 
RadiclDreamer's Avatar
 
Join Date: Aug 2004
Posts: 8,038
Default

Any idea how to setup computer accounts in Cisco Secure ACS? Thats what we use for auth currently

*Edit

I found in external user databases the option for allowing machine auth, but there is also a section that says exempt certain groups from machine auth. Does this mean if i enable machine auth that all users must pass machine auth before being allowed to do user auth as well?
__________________
CCENT, CCNA, A+, Net+

Last edited by RadiclDreamer; 11-08-2012 at 01:26 PM.
RadiclDreamer is offline   Reply With Quote
Old 11-12-2012, 09:25 AM   #5
RadiclDreamer
Diamond Member
 
RadiclDreamer's Avatar
 
Join Date: Aug 2004
Posts: 8,038
Default

Bump
__________________
CCENT, CCNA, A+, Net+
RadiclDreamer is offline   Reply With Quote
Old 11-12-2012, 09:32 AM   #6
spidey07
No Lifer
 
spidey07's Avatar
 
Join Date: Aug 2000
Posts: 65,443
Default

What version of ACS? The client is the one that decides to do machine or user auth, ACS just does a pass/no-pass on the auth request. To try to force machine and then user auth on top of it requires EAP chaining which is a very new concept and only in ISE I believe.
__________________
___
(\__/)
(='.'=)
(")_(")
spidey07 is offline   Reply With Quote
Old 11-12-2012, 11:20 AM   #7
RadiclDreamer
Diamond Member
 
RadiclDreamer's Avatar
 
Join Date: Aug 2004
Posts: 8,038
Default

Running 4.2 Appliance version. Really what I am looking for is the most simple way of having a device use generic credentials for auth and behave as close to wired as possible which was super easy with XP but Win7 has been a PITA about it.
__________________
CCENT, CCNA, A+, Net+
RadiclDreamer is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 12:40 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.