DOT1X and Remote Desktop Connections

dwhisinnand · ‎01-04-2006

Hi,

I currently have a test group in place for wired DOT1X. Now I'm trying to work out a few problems that have surfaced before deployment. The current problem is when a user makes a Remote Desktop connection to the DOT1X enabled PC. The remote PC that is initiating the Remote Desktop connection is in the qualifying computers group in A/D and the user is logged into the remote computer with the same userID as they use in the DOT1X enabled PC. So the problem is that after connection is successfully made, 30 seconds later, the connection is dropped and the port state on the switch is in "unauthorized." I assume this is by design and has to due with a timer. I have enabled Multihost thinking that DOT1X is seeing 2 machines trying to authenticate to one port and is thus going to an “unauthorized” state. Is there a DOT1X parameter that would allow these types of connections to be made to DOT1X enabled machines w/o compromising the idea of DOT1X? Thanks for any help you can provide.

jimmie25h69 · ‎01-05-2006

This from my previous post. This only applies to the MS supplicant. RD works with a 3rd party supplicant.

I hardcoded Machine Auth ONLY to ensure not breaking RD until fixed.

From MS FAQ:

Q.Do Remote Desktop connections work to Windows wireless clients that use 802.1X authentication?

A.Not at this time. All 802.1X-based wireless connections are affected, including those using EAP-TLS or PEAP-MS-CHAP v2. Connections using a static WEP key or WPA-PSK are not affected. Microsoft is investigating this issue.

http://www.microsoft.com/windowsserver2003/techinfo/overview/wififaq.mspx