Security

Reply
Occasional Contributor I
Posts: 8
Registered: ‎01-14-2014

Radius server setup on Windows 2012

Hi,

 

anyone encounter any issues with Radius on win2012. I setup new radius server 2012 but i can't seems to get it to talk to my IAP.

 

I followed the setup guide for win 2008R2 radius setup.

 

Regards,

Roy Chan

MVP
Posts: 2,866
Registered: ‎10-25-2011

Re: Radius server setup on Windows 2012

You can fallow my manual if you want it to work with 802.1x

http://community.arubanetworks.com/t5/Aruba-Instant-Cloud-Wi-Fi/tutorial-802-1X-with-Server-Derived-user-role-Instant-Windows/td-p/146084

 

Hopefully that helps you

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Occasional Contributor I
Posts: 8
Registered: ‎01-14-2014

Re: Radius server setup on Windows 2012

Awesome. Thanks a lot. 

Occasional Contributor II
Posts: 14
Registered: ‎12-08-2014

Re: Radius server setup on Windows 2012

Hi,

 

I have gone through your link. Iam having one small doubt.

 

While configuring it is asking for  IP/DNS address. Which IP address i have to give?

1) Is it an IP address given by the network service provider (122.166.214.27) ?

2) Is it an IP address of the server i.e., 192.168.50.11 ( where iam configuring Radius Server) ?

3)Is it an IP address of the firewall ( We are using fortinet for that the IP is 192.168.50.1) ?

 

All our client machines are getting IP from server (192.168.50.11) , The server is DHCP enabled.

 

The Server IP address is as follows:

IP: 192.168.50.11

Gateway: 192.168.50.1

DNS: 192.168.50.1

 

Regards.,

Srinivas.

MVP
Posts: 470
Registered: ‎05-11-2011

Re: Radius server setup on Windows 2012

Srinivas, is it the Radius Client IP-adress you're referring to (picture 4 in NightShades guide)? This is the IP the Controller use when sending Radius traffic to the Radius server. Usually this is the controller-ip, but is configurable.

Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Occasional Contributor II
Posts: 14
Registered: ‎12-08-2014

Re: Radius server setup on Windows 2012

[ Edited ]

Hi John,

 

Yes iam having a doubt about that IP( which is in fig-4) only. Controller IP in the sense the IP used for the configuration of the Aruba device( IAP-115) right?

 

 

 

 

Regards.,

Srinivas.

MVP
Posts: 470
Registered: ‎05-11-2011

Re: Radius server setup on Windows 2012

If you're doing this with IAP - under System you need to enable "Dynamic Radius proxy" and add a "Virtual Controller IP". Use this VC-IP as Radius Client IP on the Radius Server. Make sure there is routing and openings for udp 1812/1813 between the Radius Server and this VC-IP.

 

 

Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Occasional Contributor II
Posts: 14
Registered: ‎12-08-2014

Re: Radius server setup on Windows 2012

Hi,

 

Thanks for the reply.

 

This things i have already done. But when connecting to that wifi using windows credentials it is showing as unable to connect. I think there is a connectivity issue between IAP & Radius server.

 

Kindly find the below attachments.

 

 

Regards.,

Srinivas.

Guru Elite
Posts: 19,974
Registered: ‎03-29-2007

Re: Radius server setup on Windows 2012

srinivas7y@gmail.com,

 

You should check to see if there is anything in the Event Viewer on the Windows Server under Custom Views> Server Roles> Network Policy and Access.  That would give you a clue what is happening.

 

 

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
MVP
Posts: 470
Registered: ‎05-11-2011

Re: Radius server setup on Windows 2012

On the Instant you can also check the "show ap debug radius-statistics" either in CLI or through the GUI "More -> Support".

 

Here you'll find useful counters like

  • Invalid secret
  • Timeout
  • Mismatch

Based on this and the findings in NPS log you should be able to narrow the issue down enough to solve it.

Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Search Airheads
Showing results for 
Search instead for 
Did you mean: