+ Post New Thread
Results 1 to 12 of 12
Windows Thread, setting up a RADIUS server for wireless authentication in Technical; hi at the previous place where i worked we had a wireless network with an ias server doing wireless authentication. ...
  1. #1
    bart21's Avatar
    Join Date
    Aug 2009
    Location
    peterborough
    Posts
    405
    Thank Post
    79
    Thanked 54 Times in 52 Posts
    Rep Power
    20

    setting up a RADIUS server for wireless authentication

    hi

    at the previous place where i worked we had a wireless network with an ias server doing wireless authentication. it was setup so that when the user logged on with a domain user account they could access wireless, with a local account they could not. (i believe)

    I am now trying to replicate this setup at another site, but have never set it up before. All i know is it used IAS and cert services, and i imagine some way to deploy certs based on user account (GP?)

    my question is does anyone know how to set this up and could they provide me with the steps to go through?

    I know this is quite tricky as the NM who set it up at the last place spent two weeks doing it!!

    thanks in advance

    bart

  2. #2
    ranj's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    730
    Thank Post
    98
    Thanked 42 Times in 32 Posts
    Rep Power
    25
    This topic has been discussed loads on edugeek.

    Check this site out fella. If you are wanting to use Windows 2003 IAS then following the notes on this link will certainly help you. Its a very good guide:

    http://www.edugeek.net/forums/networ...as-server.html

    It's slightly changed in 2008 IAS has been replaced with Network policy server or NPS.
    I have just set one up where I work and after issues which I couldn't figure out I got some external help and it was a config issue on the NPS server, now though it seems to be working well.

    There is some microsoft documentation step by step showing you how to setup in 2008, I would follow those. You can message me if you wish I may be able to help.

    Here's everything you want to know about setting up wireless on Microsoft network: http://technet.microsoft.com/en-us/n.../bb530679.aspx
    Last edited by ranj; 7th February 2010 at 05:54 PM. Reason: addition

  3. 2 Thanks to ranj:

    bart21 (7th February 2010), Jawloms (3rd February 2013)

  4. #3
    FatBoy's Avatar
    Join Date
    Oct 2007
    Location
    Kent, UK
    Posts
    251
    Thank Post
    55
    Thanked 20 Times in 16 Posts
    Rep Power
    17
    ranj - I see you were having problems with NPS and was wondering if I could ask you a couple of simple questions...

    We had NPS setup and working with a set of 16 laptops and all of a sudden they have stopped working :0s

    I had my RADIUS clients added and setup with there shared secret

    The connection request policies setup basically just to enabled connection all the time and nothing set in the the settings tab

    And under Netowrk Policies it set to grant access, unspecified network access server. Conditions set to Domain computers and Domain users.

    Constraints set to Protected EAP in authentication methods and a associated policy setup in AD to apply to the laptop which all worked well.

    I haven't touched it for ages and now it doesn't work. In the test phase I use to watch the client connect I believe in the eventvwr and see different NPS events happens now I can't fine anything!!! Just so I know I'm not going mad it was the System event log the messages are logged in yes?

    Did you use any other tools apart from event log meesages to solve your issue? Last time I set it up the event log was about all I needed but now I can't see anything logged!!!!!!

  5. #4
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,464
    Thank Post
    10
    Thanked 496 Times in 436 Posts
    Rep Power
    113
    Is your NPS server certificate still valid?

  6. #5
    FatBoy's Avatar
    Join Date
    Oct 2007
    Location
    Kent, UK
    Posts
    251
    Thank Post
    55
    Thanked 20 Times in 16 Posts
    Rep Power
    17
    I did look at this funny enough and it was the only thing I wasn't sure about! I have RADIUS/NPS setup at two sites and the certificates are different (the only thing different between the two), the certificate at the site which isn't working says it is still valid under the Edit Protected EAP properties but the server I got the certificate from I don't know whether it exist any more (As it is/was one at head office) does that matter?

    1. Am I look at the right bit about certificates? (Under Authentication Methods/Edit Protected EAP properties?
    2. How would I renew it? Do you think I need to renew it?

    Thanks
    FB

  7. #6
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,464
    Thank Post
    10
    Thanked 496 Times in 436 Posts
    Rep Power
    113
    When you view the certificate does it say you have the private key?

  8. #7
    FatBoy's Avatar
    Join Date
    Oct 2007
    Location
    Kent, UK
    Posts
    251
    Thank Post
    55
    Thanked 20 Times in 16 Posts
    Rep Power
    17
    I don't know I couldn't find anywhere where I could view the the cert. I took a look at this NPS Server Migration: Verifying the Migration under "Verifying authentication methods" but couldn't find how to view the cert. Here is a screen shot of what I found:

    PEAP.png

  9. #8
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,464
    Thank Post
    10
    Thanked 496 Times in 436 Posts
    Rep Power
    113
    Quote Originally Posted by FatBoy View Post
    I don't know I couldn't find anywhere where I could view the the cert. I took a look at this NPS Server Migration: Verifying the Migration under "Verifying authentication methods" but couldn't find how to view the cert. Here is a screen shot of what I found:

    PEAP.png
    That looks fine. What does the security log show when you try and connect (it logs the NPS authentication)

  10. Thanks to DMcCoy from:

    FatBoy (23rd September 2010)

  11. #9
    chazzy2501's Avatar
    Join Date
    Jan 2008
    Location
    South West
    Posts
    1,801
    Thank Post
    215
    Thanked 264 Times in 214 Posts
    Rep Power
    67
    I found this great guide right here on Edugeek.

    Sorry I can't remember where I got it from for their due credit!
    Attached Files Attached Files

  12. 2 Thanks to chazzy2501:

    FatBoy (23rd September 2010), truebluesteve (14th November 2013)

  13. #10
    FatBoy's Avatar
    Join Date
    Oct 2007
    Location
    Kent, UK
    Posts
    251
    Thank Post
    55
    Thanked 20 Times in 16 Posts
    Rep Power
    17
    Thanks for the help guys, the problem I'm having is at a remote site which I'm going to tomorrow. I'll try and get the clients to connect tomorrow and let you know what the security logs says

    chazzy thanks for the guide, the only problem is I'm using 2008's NPS not IAS, same but different if you know what I mean. either way there is still some good info in there.

  14. #11
    FatBoy's Avatar
    Join Date
    Oct 2007
    Location
    Kent, UK
    Posts
    251
    Thank Post
    55
    Thanked 20 Times in 16 Posts
    Rep Power
    17
    Hi all,

    Just thought I would let you know its resolved It was sure a silly little problem in the end as most are when something that was working suddenly stops. I wasn't getting anything in the security or NPS logs about NPS connections so that made me think that the APs weren't even connecting to the server. For some reason the APs which are 3com Airconnect 9550 set them self's back to a previous state maybe from a power cut or something. The problem was I move the radius server sometime back from one server to another with the Ip address only changing from 10.140.1.1 to 10.140.1.0. The old setting was on the APs and were it was so similar I just didn't see it straight away!

  15. #12

    Join Date
    Dec 2010
    Location
    Dominica
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I followed the guide provided by Ranj and chazzy and built the IAS server (Windows Server 2003) using the self-signed certificate. I'm using a cisco AIR-AP1252G-A-K9 running c1250-k9w7-tar.124-21a.JY in autonomous mode. The problem is that whenever I try to connect to the network it keeps re-opening the authentication window over and over not accepting a working AD user account. There are no error logs from event viewer on the server.

    Any ideas?

SHARE:
+ Post New Thread

Similar Threads

  1. NPS/Radius authentication with wireless clients using 2008 R2
    By ranj in forum Windows Server 2008 R2
    Replies: 7
    Last Post: 26th April 2010, 11:49 AM
  2. 802.1x-Radius Wireless Authentication
    By jayemm in forum Wireless Networks
    Replies: 5
    Last Post: 22nd September 2009, 10:50 AM
  3. Troubleshooting a RADIUS wireless lan
    By maniac in forum Wireless Networks
    Replies: 8
    Last Post: 23rd October 2008, 09:10 AM
  4. Wireless and RADIUS
    By jamin100 in forum Wireless Networks
    Replies: 8
    Last Post: 22nd July 2008, 10:50 PM
  5. Wireless 802.1x RADIUS authentication using IAS server
    By spc-rocket in forum Wireless Networks
    Replies: 0
    Last Post: 3rd January 2008, 06:15 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •