Help with setting up a RADIUS server for BYOD devices

  • Question

  • I have set up a RADIUS server with Server 2012 R2 following this guide.

    https://www.youtube.com/watch?v=lWUs9pwUcuc

    It's a little hard to understand his accent, but I get the gist of it from what he's doing on screen.

    The only difference is that I chose not to use certificates, since I would like my iPhone and my laptop, which is not on the domain, to be able to connect using my network username and password (simulating BYOD). So I chose to use EAP-MSCHAP v2 (which doesn't require a client cert?). I do have a CA on another server just in case I need it. I'm currently using it for SSL WSUS. I am using a Cisco e4200 dual-band Wi-Fi router, which does support WPA Enterprise. I am using Windows 8.1 on my laptop and iOS 7 on my iPhone 5. I did not manually create a profile like you see in the video because I would like it to work by just entering my network credentials, like you would for a typical BYOD device and phone.

    When I try to connect using my domain username and password on either my laptop or iPhone, it fails to connect and I am not sure why. Since it's using 802.1X, do I need switches that support 802.1X? I just have a dumb switch at the moment, just a typical 8-port D-Link gigabit consumer-grade switch. Overall it seems fairly simple to get this set up and working, but I must be missing something since I can't seem to connect.

    Any ideas on how to use RADIUS in Server 2012 R2 to connect to a typical Wi-Fi router which does support WPA2 Enterprise, and then getting my iPhone and laptop, which are not domain joined, to connect as BYOD devices?

    Thanks!


    Saturday, November 23, 2013 8:16 PM

All replies

  • Hi,

    First, you can check the logs.

    EAP-MS-CHAP v2 is available only with PEAP. 

    Understanding 802.1X authentication for wireless networks

    http://technet.microsoft.com/en-us/library/cc759077(WS.10).aspx

    To rule out the switch as the cause of the issue, you can bypass it.

    Connect the wireless access point to NPS directly.

    Hope this helps.

    Monday, November 25, 2013 8:52 AM
  • When I check the logs, there are no logs available, so it appears it's not even getting that far.  I can't do a direct connect because the NPS server is a VM and I don't have any more NICs available.
    Monday, November 25, 2013 6:00 PM
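
One way to work through the "check the logs" step when nothing shows up, as in the last post (an added example, not part of the original thread; `$ApAddress` is a constructed placeholder and the one-hour window is an assumption):

```powershell
# Added example: run in an elevated PowerShell session on the NPS server (Server 2012 R2).
# $ApAddress is a constructed placeholder; use the address the access point sends RADIUS from.
$ApAddress = '192.0.2.10'
$since     = (Get-Date).AddHours(-1)   # assumed look-back window

# 1. NPS writes events 6272/6273/6274 to the Security log only when this
#    audit subcategory is enabled for Success and Failure.
auditpol /get /subcategory:"Network Policy Server"

# 2. NPS discards requests from addresses that are not registered RADIUS clients.
Import-Module NPS
$client = Get-NpsRadiusClient | Where-Object { $_.Address -eq $ApAddress }
if (-not $client) {
    Write-Warning "No RADIUS client entry for $ApAddress; its requests will be discarded."
} else {
    # Select only non-secret fields so the shared secret is not echoed to the console.
    $client | Select-Object Name, Address, Enabled
}

# 3. Confirm the service is listening on the default authentication ports.
Get-NetUDPEndpoint -LocalPort 1812, 1645 -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort

# 4. System log: event 13 from source NPS records a request from an unknown client address.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; ProviderName = 'NPS'; Id = 13; StartTime = $since } `
    -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message

# 5. Security log: 6272 = access granted, 6273 = access denied, 6274 = request discarded.
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 6272, 6273, 6274; StartTime = $since } `
    -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, @{ n = 'Summary'; e = { ($_.Message -split "`r?`n")[0] } }
```

If auditing is enabled, the ports are listening, and steps 4 and 5 both return nothing after a connection attempt, the Access-Request is not reaching the server, which points at the access point's RADIUS settings or the network path to the VM rather than at the network policy.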