Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2616
Views
0
Helpful
2
Replies

Wired 802.1x Windows supplicant parameter

Go to solution
milos_p
Level 1
Level 1

‎10-12-2021 02:56 AM

Hi guys,

 

My plain is to use wired 802.1x with EAP-TEAP and MSCHAPv2 for both user and computer auth from AD (chained).

I will use "Automatically use my Windows logon name and password) under MSCHAPv2 config.

 

Can somebody explain what "Remember my credentials for this connection each time I'm logged on" practically do in my case?

 

I am reading in many different documents, but still cannot understand the implication of having that checkbox ticked or unticked, what will make the difference.

 

 
 
 

TEAP-supplicant.png

 

 

Thanks,

Milos

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
milos_p
Level 1
Level 1
In response to Arne Bier

‎12-23-2021 12:32 AM

Hi Arne,

 

In the end, I realized that for me, this parameter doesn't have any impact simply because I am always using user AD credentials and they are provided automatically via "Automatically use my Windows logon name and password (and domain if nay)" checkbox for EAP-MSCHAPv2 which I am using as the inner method.

I am never in the situation that popup is showing to input EAP credentials, which I believe is the purpose of this parameter, to cache credentials in order not to manually input it every time for the same connection.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Arne Bier
VIP
VIP

‎12-22-2021 01:13 PM

Hi @milos_p 

 

did you find any answers elsewhere on this topic? If not then it may need some lab experimentation to come to a satisfactory answer. e.g. setup two users in AD, and tick that box. Test supplicant configured with Machine auth only. I don't expect this option will make any impact.

Then test with user auth only. In this case the Windows supplicant will authenticate using EAP after the user has logged in at the locked screen. It's been a while, but the initial EAP-PEAP encounter in Windows will pop up a simple dialog box to enter your network credentials. Perhaps this is the information that is cached for future use.

0 Helpful

Go to solution
milos_p
Level 1
Level 1
In response to Arne Bier

‎12-23-2021 12:32 AM

Hi Arne,

 

In the end, I realized that for me, this parameter doesn't have any impact simply because I am always using user AD credentials and they are provided automatically via "Automatically use my Windows logon name and password (and domain if nay)" checkbox for EAP-MSCHAPv2 which I am using as the inner method.

I am never in the situation that popup is showing to input EAP credentials, which I believe is the purpose of this parameter, to cache credentials in order not to manually input it every time for the same connection.

0 Helpful
Customers Also Viewed These Support Documents