Windows Thread, setting up a RADIUS server for wireless authentication in Technical; hi
at the previous place where i worked we had a wireless network with an ias server doing wireless authentication. ...
7th February 2010, 05:30 PM #1
setting up a RADIUS server for wireless authentication
at the previous place where i worked we had a wireless network with an ias server doing wireless authentication. it was setup so that when the user logged on with a domain user account they could access wireless, with a local account they could not. (i believe)
I am now trying to replicate this setup at another site, but have never set it up before. All i know is it used IAS and cert services, and i imagine some way to deploy certs based on user account (GP?)
my question is does anyone know how to set this up and could they provide me with the steps to go through?
I know this is quite tricky as the NM who set it up at the last place spent two weeks doing it!!
thanks in advance
7th February 2010, 05:48 PM #2
This topic has been discussed loads on edugeek.
Check this site out fella. If you are wanting to use Windows 2003 IAS then following the notes on this link will certainly help you. Its a very good guide:
It's slightly changed in 2008 IAS has been replaced with Network policy server or NPS.
I have just set one up where I work and after issues which I couldn't figure out I got some external help and it was a config issue on the NPS server, now though it seems to be working well.
There is some microsoft documentation step by step showing you how to setup in 2008, I would follow those. You can message me if you wish I may be able to help.
Here's everything you want to know about setting up wireless on Microsoft network: http://technet.microsoft.com/en-us/n.../bb530679.aspx
Last edited by ranj; 7th February 2010 at 05:54 PM.
2 Thanks to ranj:
bart21 (7th February 2010), Jawloms (3rd February 2013)
21st September 2010, 03:25 PM #3
21st September 2010, 03:53 PM #4
Is your NPS server certificate still valid?
22nd September 2010, 01:38 PM #5
- Rep Power
I did look at this funny enough and it was the only thing I wasn't sure about! I have RADIUS/NPS setup at two sites and the certificates are different (the only thing different between the two), the certificate at the site which isn't working says it is still valid under the Edit Protected EAP properties but the server I got the certificate from I don't know whether it exist any more (As it is/was one at head office) does that matter?
1. Am I look at the right bit about certificates? (Under Authentication Methods/Edit Protected EAP properties?
2. How would I renew it? Do you think I need to renew it?
22nd September 2010, 01:49 PM #6
When you view the certificate does it say you have the private key?
22nd September 2010, 02:20 PM #7
- Rep Power
I don't know I couldn't find anywhere where I could view the the cert. I took a look at this NPS Server Migration: Verifying the Migration under "Verifying authentication methods" but couldn't find how to view the cert. Here is a screen shot of what I found:
22nd September 2010, 02:28 PM #8
That looks fine. What does the security log show when you try and connect (it logs the NPS authentication)
Originally Posted by FatBoy
Thanks to DMcCoy from:
FatBoy (23rd September 2010)
22nd September 2010, 02:28 PM #9
I found this great guide right here on Edugeek.
Sorry I can't remember where I got it from for their due credit!
2 Thanks to chazzy2501:
FatBoy (23rd September 2010), truebluesteve (14th November 2013)
22nd September 2010, 03:58 PM #10
- Rep Power
Thanks for the help guys, the problem I'm having is at a remote site which I'm going to tomorrow. I'll try and get the clients to connect tomorrow and let you know what the security logs says
chazzy thanks for the guide, the only problem is I'm using 2008's NPS not IAS, same but different if you know what I mean. either way there is still some good info in there.
23rd September 2010, 11:53 AM #11
9th December 2010, 07:09 PM #12
- Rep Power
I followed the guide provided by Ranj and chazzy and built the IAS server (Windows Server 2003) using the self-signed certificate. I'm using a cisco AIR-AP1252G-A-K9 running c1250-k9w7-tar.124-21a.JY in autonomous mode. The problem is that whenever I try to connect to the network it keeps re-opening the authentication window over and over not accepting a working AD user account. There are no error logs from event viewer on the server.
By ranj in forum Windows Server 2008 R2
Last Post: 26th April 2010, 11:49 AM
By jayemm in forum Wireless Networks
Last Post: 22nd September 2009, 10:50 AM
By maniac in forum Wireless Networks
Last Post: 23rd October 2008, 09:10 AM
By jamin100 in forum Wireless Networks
Last Post: 22nd July 2008, 10:50 PM
By spc-rocket in forum Wireless Networks
Last Post: 3rd January 2008, 06:15 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)