Is it possible to have eap-peapv0 connect before xp shows logon box?

Josh Hiner josh at
Wed Jan 28 17:00:56 CET 2009

So, I was going to use eap-tls to have the windows xp workstations sign 
into the wireless network before the user logs on  (by assigning a cert 
to the machine account) but tls is not working for users or machines and 
I would like to have a backup. I have eap-peopv0 and eap-ttls working 
fine but they require a client username and password to connect and 
those are not supplied until the user logs in. We have many clients here 
on roaming profiles, so their profiles time out if I set them to peap or 
ttls since the wireless doesnt fire up in time after they log in.

Is there a way to get peap or ttls (with ttls I use the SecureW2 client) 
to connect before the user logs on? I know that sounds lame because peap 
and ttls need a username and password... but maybe we can assign it 
statically in the background to the machine account or something? What 
are others doing? I really dont want wpa2-aes with a psk.

Thanks for any ideas. Hopefully I can get the eap-tls thing sorted out 
with help but would like a backup plan.


More information about the Freeradius-Users mailing list