+ Post New Thread
Results 1 to 5 of 5
Wireless Networks Thread, Radius and Certificate help/advice in Technical; ...
  1. #1

    Join Date
    Jan 2012
    Posts
    31
    Thank Post
    1
    Thanked 5 Times in 5 Posts
    Rep Power
    6

    Radius and Certificate help/advice

    Hi,

    We are after some help and advice on setting a radius server up. We have cisco 2500 wireless controller with Air 2600 AP’s.

    We would like to have a radius server to authenticate users and check computers health before they get on to the network. We would also like to have the user log into the Smoothwall when connecting to the internet.

    We have installed a new server with windows 2008r2 which we would like to use as the radius server. We have everything installed but we are having problems with the certificate side of things. We followed the following article NPS, Wireless LAN Controllers, and Wireless Networks Configuration Example - Cisco

    When a computer tries to connect to the network we get the following “Windows was unable to connect to SSID” and in event view we get the following “the certificate received from the remote server was issued by an untrusted certificate authority.”

    I have searched the forum for answers but can’t find much. It seems everyone’s setup is different as you would expect.

    Thanks
    Kenny

  2. #2

    Join Date
    Oct 2005
    Posts
    846
    Thank Post
    51
    Thanked 115 Times in 105 Posts
    Rep Power
    74
    What certificate are you using? If it's self generated have you told the clients to trust it?

  3. #3


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,649
    Thank Post
    275
    Thanked 780 Times in 607 Posts
    Rep Power
    224
    Assuming you've followed the instructions from the link and created an Enterprise CA, but used something that isn't* a Domain Controller to do so.....

    ...have you verified that the client machines are getting the certificate from the CA? Assuming it's a domain-joined windows machine that's had a group policy refresh via a wired connection since you created the CA, they should trust any certificates issued by your new CA.



    *migrating CAs is annoying if they're also a DC - it's a classic "shoot yourself in the foot, delayed by X years" move.

  4. #4

    Join Date
    Jan 2012
    Posts
    31
    Thank Post
    1
    Thanked 5 Times in 5 Posts
    Rep Power
    6
    Thanks for reply's.

    We are using a self-generated certificate and the server isn't a domain controller. The laptops we are trying to connect are not on the domain.

    I think we are a little confused by the whole thing. We don’t need the laptops to authenticate with the domain control we just need them to log in to Smoothwall via the secure logon page. The wireless is setup on its own vLan and we thought we would use a Radius server to check that anti-virus, windows updates etc. were installed.

    Any help in point us in the right direction would be appreciated.

    Kenny

  5. #5

    Join Date
    Oct 2005
    Posts
    846
    Thank Post
    51
    Thanked 115 Times in 105 Posts
    Rep Power
    74
    Ok - As it's a self signed cert the clients will need to know to trust the certificate - otherwise it could be authenticating against anything and how can it know it's safe?

    So your options are - either use a "proper" certificate, or add the certificate to the clients' certificate store so that it's trusted.

    Once you've done this you can then use the NAP features to do what you want to do.

SHARE:
+ Post New Thread

Similar Threads

  1. IIS7 Configuration help and SSL Certificate help please!!!!
    By pcwise27 in forum Windows Server 2008 R2
    Replies: 1
    Last Post: 21st August 2012, 09:24 AM
  2. Microsoft TMG V Smoothwall Pros and cons (help/advice)
    By PEO in forum Internet Related/Filtering/Firewall
    Replies: 5
    Last Post: 27th February 2012, 07:48 AM
  3. IAS and certificate "weirdness" (WiFi Radius Auth)
    By amfony in forum Wireless Networks
    Replies: 4
    Last Post: 5th October 2011, 06:56 AM
  4. RADIUS and IAS
    By HodgeHi in forum Wireless Networks
    Replies: 98
    Last Post: 30th April 2009, 10:39 AM
  5. Replies: 6
    Last Post: 24th February 2006, 08:36 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •