01-20-2015 07:49 AM
Just wondering if anyone has any suggestions on this or if I am even going about this the right way.
I am trying to get a non-domain machine authenticated agains my NPS server to give it network acces. The device is a wireless barcode scanner for inventory that needs to talk back to the database sitting on our corporate LAN.
I already have a WLAN for our corporate LAN that does machine authentication for domain comuters and gives that laptop access to the LAN but I am struggling on how to get a non-domain machine onto our network.
I have created a self signed certificate on my NPS server and exported it and installed it onto the non domain machine and added Microsoft Smard Card or other certificate with the self signed certificate to the Authentication Methods to the existing rules on my NPS hoping that this would be all I need to do to allow the machine with the self signed cert access to the network. But it is not working. The machine just pops up a message saying in can not connect to the WLAN.
Not sure if there is something configured wrong on the Aruba controller or my NPS server
Is this even the a possible way of getting a non domain machine access to my corporate LAN or am I going about this all wrong. If there are any other ideas or a better way of accomplishing this I would really appreciate any suggestions.
If you need more details please let me know and I will provide as much as possible.
01-20-2015 07:53 AM
01-20-2015 08:06 AM
01-20-2015 08:22 AM
If I wanted to use the certificate for the user would I select the smartcard or certificate option?
I tried the Protected EAP and still could not get connected on the non-domain device
01-20-2015 08:34 AM
01-20-2015 08:47 AM
All I have done so far was created the self signed certificate on the NPS server exported the root certificate with just the public key and then installed that onto the non domain device in the Trusted Root Certification Authorities section.
I have not issued any client certificates yet. Should that be my next step?
01-20-2015 09:07 AM
01-20-2015 12:06 PM
ok I will look into this and see what I can come up with. We do have an existing AD Certificate Authority so hopefully i can get something to work.
If i get anything working I'l post what i did
Thanks for the input!
01-20-2015 12:58 PM