Use third-party 802.1X clients in Windows
Network administration - Deploying 802.1X authentication for wireless or wired access to the network means that users must have an 802.1X client installed on their computer or device. In this article we show you some third-party clients and modules you can use if you implement a less common EAP type that Windows itself does not support.
The client communicates with the RADIUS server (such as NPS or IAS on Windows Server) through the access point or switch, using one of several EAP protocols. Since Windows 2000 SP4, Microsoft has supported the EAP-TLS and Protected EAP (PEAP) protocols.
However, you may need to use other EAP protocols (such as EAP-TTLS, EAP-FAST or LEAP) if your access points, switches or RADIUS servers do not support, or are not configured for, EAP-TLS or PEAP. In this case, you must install and use a third-party 802.1X client on the Windows computers. You also need to make sure the RADIUS server supports that protocol. Note: NPS and IAS on Windows Server only support EAP-TLS and PEAP.
SecureW2 Enterprise Client
SecureW2 Enterprise Client is a commercial product of SecureW2 BV (a Dutch company). It supports 32-bit and 64-bit computers running Windows XP, Windows Vista and Windows 7, regardless of which service packs are installed. In addition, 32-bit and 64-bit systems running Windows Server 2003 and 2008 are also supported. Note, however, that the product does not support Mac OS X or Linux.
SecureW2 also offers mobile client solutions that support Microsoft Pocket PC and Smartphone 2002/2003, Windows Mobile 2003/2003 SE and Windows Mobile 5, 6, 6.1 and 6.5. The new Windows Phone 7 platform is not yet supported.
The interface of the SecureW2 Enterprise Client (Figure 1) allows you to configure authentication settings for wired and wireless connections. It does not disable the built-in Windows wireless utility, so users can manage other network connection settings through the familiar Windows interface.
Figure 1
SecureW2 Enterprise Client supports the following EAP types:
- EAP-PEAP
- EAP-TTLS
- EAP-GTC
- EAP-SIM
SecureW2 Enterprise Client offers more than the basic features of an 802.1X client. You can supply authentication settings via XML, INF or INI files. You can also create MSI packages that contain settings and certificates. Authentication settings can be locked to prevent users from changing them. The wireless interface can be disabled automatically when a wired connection is established.
Cisco Secure Services Client
If you're looking for a Cisco product, the one I want to show you is the Cisco Secure Services Client. Currently the 32-bit versions of Windows 2000, Windows 2003 Server Enterprise Edition and XP Professional are supported, as are the 32-bit and 64-bit versions of Windows Vista Business, Enterprise and Ultimate.
Remember that Cisco also provides modules that add EAP-LEAP and EAP-FAST support to the wireless interface of Windows Vista and Windows 7; we cover these modules in the next section.
The Cisco Secure Services Client offers only a limited set of features for free and on trial. For the more important features you need to buy a subscription, with prices starting at $60 for 250 machines.
Cisco Secure Services Client has a user interface (Figure 2) and is an upgraded version of Meetinghouse's old AEGIS SecureConnect software application. The supported EAP types are listed below:
- EAP-PEAP
- EAP-FAST
- EAP-LEAP
- EAP-TLS (Windows 2000 / XP only)
- EAP-TTLS (Windows 2000 / XP only)
- EAP-MD5 (Windows 2000 / XP only)
- EAP-GTC (Windows 2000 / XP only)
Figure 2
The Cisco Secure Services Client also has an automatic VPN connection feature, which can be used when the Cisco IPSec VPN client is installed to minimize user intervention when establishing a VPN connection. It can also prevent users from arbitrarily changing the configuration.
EAP-LEAP and EAP-FAST modules
If you want to use the EAP-LEAP or EAP-FAST protocols and your users are running Windows Vista or Windows 7 (32-bit or 64-bit), you can use Cisco's free modules to add support for them to the Windows interface. Instead of using a third-party program (like the Cisco Secure Services Client), you configure the settings via Network Properties in Windows, as shown in Figure 3 below.
Figure 3
However, installing the EAP-LEAP and EAP-FAST modules still takes a few tricks. Sometimes Windows Update automatically downloads and installs these modules, and they then appear as an authentication method in the Network Properties dialog box. At other times you have to change the Registry to make this happen.
Xsupplicant of Open1X
Xsupplicant is a free, open source project from Open1X, and previously OpenSEA. However, only the Windows XP (32-bit) and Linux (32-bit and 64-bit) versions are officially supported. Support for Windows Vista and Windows 7 (32-bit and 64-bit) is still being investigated.
Xsupplicant provides a GUI application (see Figure 4) for managing Wi-Fi interfaces, with additional 802.1X authentication for wireless and wired connections. It also has a logging feature and lets you set advanced authentication settings as well as timers. The advantage of this client is its wide range of supported EAP types:
- EAP-PEAP
- EAP-FAST
- EAP-LEAP
- EAP-TLS
- EAP-TTLS
- EAP-MSCHAPv2
- EAP-MD5
- EAP-AKA
- EAP-GTC
- EAP-OTP
- EAP-SIM
- EAP-TNC
Figure 4
WPA_Supplicant
Wpa_supplicant is an open source project that also supports both wireless and wired connections. This client can run on Windows 2000 and XP, Mac OS X, Linux and BSD. Although it does not support Windows Vista and later versions, it gives you the same configuration across a variety of other operating systems and wireless drivers. It has a GUI (wpa_gui), as shown in Figure 5 below.
Figure 5
Wpa_supplicant supports the following EAP types:
- EAP-PEAP
- EAP-FAST
- EAP-LEAP
- EAP-TLS
- EAP-TTLS
- EAP-MSCHAPv2
- EAP-MD5
- EAP-AKA
- EAP-GTC
- EAP-OTP
- EAP-SIM
- EAP-TNC
- EAP-GPSK
- EAP-IKEv2
- EAP-PAX
- EAP-SAKE