Remove From My Forums

RADIUS authentication without profile

Question
0

Sign in to vote

hey guys, I have setup a radius server, and ive noticied it works if i have the profile pre configured on the laptop, but if i delete the wireless profile and try to connect i get a prompt titled.. EAP-TLS and asking for domain\username and password, but it wont accept my credentials, is there a way to get RADIUS to work without having to push or manually configure a wireless profile to my machines?

Thanks...

Monday, May 5, 2014 6:59 PM

Answers

0

Sign in to vote
Hi,

Unfortunately, the available information is not enough have a clear view of the occurred behavior could you provide more information about your environment. For example, the server platform edition, the when you experience this issue what are you trying to do, when this problem occurs the system log record information, screenshots is the best information.

From your description we can’t sure whether you have deleted your client certificate, please confirm your client still have the required certificate.

The related KB:

Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS

http://support.microsoft.com/kb/814394/en-us

More information:

Event Logs

http://technet.microsoft.com/en-us/library/cc722404.aspx

Thanks.
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
- Marked as answer by Alex Lv Tuesday, May 20, 2014 8:34 AM
Thursday, May 8, 2014 8:42 AM

All replies

0

Sign in to vote
Hi,

Unfortunately, the available information is not enough have a clear view of the occurred behavior could you provide more information about your environment. For example, the server platform edition, the when you experience this issue what are you trying to do, when this problem occurs the system log record information, screenshots is the best information.

From your description we can’t sure whether you have deleted your client certificate, please confirm your client still have the required certificate.

The related KB:

Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS

http://support.microsoft.com/kb/814394/en-us

More information:

Event Logs

http://technet.microsoft.com/en-us/library/cc722404.aspx

Thanks.
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
- Marked as answer by Alex Lv Tuesday, May 20, 2014 8:34 AM
Thursday, May 8, 2014 8:42 AM
0

Sign in to vote

Ok, so to answer your questions

RADIUS is running on a 2008 R2 DC, it is configured to use PEAP with TLS and i have no certificate issues.

To clarify what i'm trying to do, i am trying to connect to the AP with out having to setup the wireless profile on the client through GPO or manually. Because i have configured it so that users get a username and password prompt to authenticate, but it only work if the profile is already on the machine, i was wondering if it can work where the client machine domain joined or not, can select an SSID they don't have a pre-config wireless profile for, get the credential prompt and still get verified.

Thursday, May 8, 2014 4:58 PM
0

Sign in to vote
Hi，

To use PEAP-TLS, you must deploy a PKI. MS-CHAP v2 is the recommended method for user authentication if a certificate infrastructure is not available.

If you use a local user account for MS-CHAP v2 authentication, the demand-dial routers do not need to join the Active Directory domain. Be sure to use strong passwords with MS-CHAP v2. In an Active Directory domain, you can use Group Policy settings to enforce the use of strong passwords.

More information:

Choosing EAP-TLS or MS-CHAP v2 for User-Level Authentication

http://technet.microsoft.com/en-us/library/cc739638(v=ws.10).aspx

Hope this helps.

We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
- Edited by Alex Lv Tuesday, May 13, 2014 8:53 AM
Tuesday, May 13, 2014 8:47 AM
0

Sign in to vote

Hi,

When you use the EAP-TLS the certificate is necessary condition. Please read this KB first.

Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS

http://support.microsoft.com/kb/814394/en-us

Hope this helps.

We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Tuesday, May 20, 2014 8:34 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

RADIUS authentication without profile

Question

Answers

All replies