Sign in
 
HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums
Windows Server TechCenter >
Radius Server 2008 with AD

Answered Radius Server 2008 with AD

  • Saturday, June 30, 2012 5:50 PM
     
     
    Sign In to Vote
    0

    Hi Experts,

    I am configuring my wireless controller Avaya WC8180 as Radius Cilent (192.168.10.10) which is connected to my Radius Server 2008 (192.168.10.100) and the radius server has been registered in Active Directory as well. All my access points will be managed by the wireless controller and users are required to login via local captive portal in wireless controller itself. Note that this is not security wireless connection setup (dot1x). When user is connected to that SSID, Avaya wireless controller captive portal will pop up. They need to use their current account in AD in order to connect to the network. My question is, do I need to configure/create Certificate?  Appreciate if you guys could help me on this.

    Thanks.


    • Edited by zulcap Saturday, June 30, 2012 5:51 PM
    •  
     

All Replies

  • Tuesday, July 03, 2012 7:10 AM
    Moderator
     
     Answered
    Sign In to Vote
    0

    Hi,

    Thanks for your post.

    It’s depended on which Authentication method you trying to deploy. For example, PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS and PEAP-TLS. We only need to issue a valid certificate for the NPS server, and all clients need to trust the CA. For more detailed information, please refer to the follow article.

    802.1X Authenticated Wireless Deployment Guide

    http://technet.microsoft.com/en-us/library/dd283093(v=ws.10).aspx

    RADIUS Server for 802.1X Wireless or Wired Connections

    http://technet.microsoft.com/en-us/library/cc731853(v=ws.10).aspx

    NPS Certificates & Auto-Enrolment Issues (Discussion about Certificate requirement for Authentication)

    http://social.technet.microsoft.com/Forums/en-US/winserverNAP/thread/c8664ee3-f3b7-4105-a0a8-0e5a189e05a5

    Best Regards,

    Aiden

    Aiden Cao

    TechNet Community Support

     
  • Tuesday, July 03, 2012 4:28 PM
     
     
    Sign In to Vote
    0

    Hi Aiden,

    For my current setup, there will be no 802.1X Wireless connections as the authentication will go through the captive portal which is the login page. After the client has entered their username and password (existing account in AD), it will  be authenticated via  AD through the NPS 2008. What I am confused here, do I need to configure dot1x connection? Sorry, I am a new on this. Do you have any reference that I can use for my current setup? (Captive portal --> Radius Server 2008 --> AD)

    Anyway, thanks for the reply. Much appreciated.

    Regards,

    Zul

     
  • Wednesday, July 04, 2012 1:53 AM
    Moderator
     
     Answered
    Sign In to Vote
    0

    Hi,

    Then, you can choose password-based authentication method, such as MS-CHAP v2 or PAP. There is no certificate need to be deployment. You only need verify that both device and NPS server supported method you choose.

    Password-Based Authentication Methods

    http://technet.microsoft.com/en-us/library/cc732393(v=ws.10).aspx

    Best Regards,

    Aiden

    Aiden Cao

    TechNet Community Support

     
  • Wednesday, July 04, 2012 6:26 AM
     
     
    Sign In to Vote
    0

    Hello,

    I will try to do it first then I will update you on the progress. Thanks a lot Aiden, at least I have some ideas to get it done. Appreciate it.

    Regards.

     
  • Wednesday, July 04, 2012 10:21 AM
     
     
    Sign In to Vote
    0

    Hi,

    Do you have any documents or links that I can refer on the configuration step by step?

    Thanks.