Setting up Wi-Fi AD Authentication in Windows Server 2008 quick question
-
Sunday, November 18, 2012 10:48 PM
Hi,
I have almost set it up already but I'm curious if I go ahead and add to NPS wireless connection on my network and configure one access point
to use it with certificate etc, will the other one (we use 2 access points) be working as before (no AD authentication) or will it require re-configuring as well and installing client certificate? Another words will my entire wireless be required to use certificates.
I'm asking because I'd like to do first some testing on one AP not disturbing users wireless traffic on the other.
thanks
- Edited by kc2ine Sunday, November 18, 2012 10:51 PM
All Replies
-
Monday, November 19, 2012 9:20 AMModerator
Hi,
Thanks for your post.
For certificate base authentication, you may choose EAP-TLS or PEAP-EAP-TLS. You can adjust it in network policy on RADIUS server.
In the network policy EAP type correspond to EAP authentication:
Microsoft: Smart Card or other certificate -> EAP-TLS
Microsoft: Protected EAP (PEAP) -> PEAP-EAP-TLS
Microsoft: Secured password (EAP-MSCHAP v2) -> PEAP-EAP-MSCHAP v2
In addition, you need to verify if the authentication method was supported by the AP. For the detailed steps, such as import certificate is necessary or not, you need reference the device instruction book or directly contact the vender for support.
For more information about certificate requirements for EAP-TLS, you may refer to the following article.
Certificate Requirements for PEAP and EAP
http://technet.microsoft.com/en-us/library/cc731363.aspx
Best Regards,
Aiden
If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
Aiden Cao
TechNet Community Support
-
Monday, November 19, 2012 4:59 PMthanks, but I think you didn't read my question...
-
Monday, November 19, 2012 10:20 PM
Hi,
I have almost set it up already but I'm curious if I go ahead and add to NPS wireless connection on my network and configure one access point
to use it with certificate etc, will the other one (we use 2 access points) be working as before (no AD authentication) or will it require re-configuring as well and installing client certificate?
I'm asking because I'd like to do first some testing on one AP not disturbing users wireless traffic on the other.
thanks
- Merged by Aiden_CaoMicrosoft Contingent Staff, Moderator Wednesday, November 21, 2012 3:16 AM duplicate
-
Wednesday, November 21, 2012 1:08 AM
Hi kc2ine,
if the second AP runs on a different SSID you can have both but you cant have both with the same SSID and different authentication settings.
Depending what exact access points model you have you may can configure multiple SSIDs per access point.
Regards,
Lutz
- Proposed As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Wednesday, November 21, 2012 3:16 AM
- Marked As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Tuesday, November 27, 2012 11:04 AM
-
Wednesday, November 21, 2012 3:12 AMModerator
Hi,
Sorry for the misunderstanding.
I know you want to deployment RADIUS authentication with one AP for test purpose, and leave anther AP to as normal status to serve wireless client. Am I right? If this is the situation, you may change the SSID with two APs. Always make sure the client connect to the working SSID.
Best Regards,
Aiden
If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
Aiden Cao
TechNet Community Support
- Proposed As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Monday, November 26, 2012 2:52 AM
- Marked As Answer by Aiden_CaoMicrosoft Contingent Staff, Moderator Tuesday, November 27, 2012 11:04 AM
-
Wednesday, November 21, 2012 3:19 AMModerator
Hi Lutz,
I agree with you. See the duplicate thread later. Not just copy your idea. Sorry for the repost.
Best Regards,
Aiden
If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
Aiden Cao
TechNet Community Support
.png)
