 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Pocket PC Forum / End Users / Wireless / October 2008802.1x and HP iPAQ 210 WM6
Hi, We are currently attempting to deploy some new iPAQ 210 mobile devices running Windows Mobile 6 Classic, and would like to setup secure wireless to the corporate WLAN. We have 802.1x currently in place with a Windows Server 2008 Enterprise Root CA. We are rather new to the PDA wireless encryption technology, and would like the devices to be on the WLAN without prompting the users for authentication (instead have a power on password). We have successfully implemented PEAP technology on them, but would like to issue a device certificate to them so they will not prompt for authentication if possible. The PEAP implementation seemed to be a little buggy since it would sometimes authenticate and sometimes would not, which is a problem for the end users. After two or three tries it would always work, but it did not seem to be a reliable solution. Also, after a soft reset the devices would prompt for authentication once again. Notebook users do not have any problem authenticating to the WLAN so the infrastructure seems to be sound. Using Certificates, the devices prompt for a username and domain, but no password. They are also prompting for this it seems at random stages after powering them off and on or after a soft reset. Would someone with a little experience with this technology care to make some recommendations in regards to the best way to achieve this? Would configuring a new SSID and WPA-PSK be a better solution for the very limited number of PDA that will be participating on the wireless network (right now 2, soon to be perhaps close to 10 in a month or two)? Thank you, Jeff > Hi, > [quoted text clipped - 4 lines] > Thank you, > Jeff If you're comfortable having the devices connect to the WLAN without prompting for passwords then WPA-PSK would give you a reasonable path as long as you make your passphrases strong or don't use passphrases but go straight to random keys. I've connected my iPaq to a 802.1x test network running a FreeRadius server and, if I remember correctly, was able to connect without additional passwords. I was using EAP-TLS for my experiment and had the client certificate on the iPaq. Is your main concern encryption or authentication? Andrew Thanks for the reply, My main concern would be encryption strength We did end up going with WPA-PSK and it seems to be working fine and gives us the compatibility we need. It seemed that using every Windows Server 2008 option and certificates we were always prompted for some set of credentials at random. Since both Windows Server 2008 is new to market as well as the PDA product, we decided to go with the best compatibilty route. Thanks, Jeff On Sep 7, 4:48 pm, "Jeff" <u...@domain.com> wrote: > Hi, > [quoted text clipped - 25 lines] > Thank you, > Jeff If you're comfortable having the devices connect to the WLAN without prompting for passwords then WPA-PSK would give you a reasonable path as long as you make your passphrases strong or don't use passphrases but go straight to random keys. I've connected my iPaq to a 802.1x test network running a FreeRadius server and, if I remember correctly, was able to connect without additional passwords. I was using EAP-TLS for my experiment and had the client certificate on the iPaq. Is your main concern encryption or authentication? Andrew |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.