- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
RADIUS with Windows NPS without a client certificate?
RADIUS with Windows NPS without a client certificate?
08-31-2012 02:06 PM
Is this possible? The users need to be able to login with their AD username/password but we don't have access to any of the machines so a client cert is not an option. Any ideas on how to make this work with an Aruba controller? Anything special?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: RADIUS with Windows NPS without a client certificate?
Re: RADIUS with Windows NPS without a client certificate?
08-31-2012 03:18 PM
A client cert is not required. You can disable the requirement to validate server certificate on the client's wireless configuration. You still need a cert on the NPS server for 802.1x authentication.
-Mike
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: RADIUS with Windows NPS without a client certificate?
Re: RADIUS with Windows NPS without a client certificate?
09-01-2012 07:28 AM - edited 09-01-2012 07:31 AM
Yes its possible as mnarine said..
What you want to configure here is EAP PEAP which only requires a certificate on the server... a certificate with machine template works fine...
Just a question
Why you posting this on guest access forum? are you planning deploying this for guest access?
whats the idea behind this?
Cheers
Carlos
Product Manager - Aruba Networks
Alternetworks Corp
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: RADIUS with Windows NPS without a client certificate?
Re: RADIUS with Windows NPS without a client certificate?
10-18-2012 10:10 AM
Certainly possible using captive portal - we use it, and I'm not aware of any requirements for a certificate.
As far as I remember, you just put your NPS server in the profile. I believe it defaults to NPS/RADIUS if user is not in the local database.
We offer a guest account that is rate-limited (in the local DB) and our other users just use their network credentials.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator