Checklist: Configuring a first-time Ethernet switch client for authenticated access
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Checklist: Configuring a first-time Ethernet switch client for authenticated access
This checklist applies only to Ethernet client computers that use EAP-TLS authentication.
| Step | Reference |
|---|---|
Configure the IAS server for authenticated switch access. |
Checklist: Configuring the IAS server for authenticated switch access |
Configure the network connection that corresponds to your Ethernet network adapter for EAP-TLS authentication. |
Right-click the network connection, and then click Properties. Click the Authentication tab, and then select Smart Card or other Certificate as the Extensible Authentication Protocol (EAP) type. Click Properties, and then click Use a certificate on this computer. Click OK three times to save changes to the network connection. |
Connect your Ethernet client computer to the Ethernet switch. |
|
After your Ethernet client computer has unauthenticated access, join the domain. |
|
Restart the computer when prompted and log on to the domain. Although you will still have a guest connection, the Ethernet client computer is issued a computer certificate during the startup and domain logon process. |
|
After 10 minutes, your Ethernet client computer is disconnected because of the dial-in constraint in the first-time Ethernet client remote access policy that has been configured on the IAS server. When the Ethernet client computer reconnects, it will authenticate with the new computer certificate and receive an authenticated connection to the Ethernet switch. |
|
Note
- You can configure IAS in Windows Server 2003, Standard Edition, with a maximum of 50 RADIUS clients and a maximum of 2 remote RADIUS server groups. You can define a RADIUS client using a fully qualified domain name or an IP address, but you cannot define groups of RADIUS clients by specifying an IP address range. If the fully qualified domain name of a RADIUS client resolves to multiple IP addresses, the IAS server uses the first IP address returned in the DNS query. With IAS in Windows Server 2003, Enterprise Edition, and Windows Server 2003, Datacenter Edition, you can configure an unlimited number of RADIUS clients and remote RADIUS server groups. In addition, you can configure RADIUS clients by specifying an IP address range.