Wireless Access

Reply
Regular Contributor I
Posts: 238
Registered: ‎01-19-2013

2 NPS Servers on 1 SSID with 2 different active directorys

Hi community,

 

is it possible to congfigure on 1 ssid 2 radius server (we use ms 2008r2 nps) to authenticate the users in different domains.

first nps is for domain 1

second nps is for domain 2

I wan if nps domain 1 rejects the authentication the controller asks nps domain 2 to authenticate the user.

 

Is this possible? how can I configure this?

 

Thanks

Aruba Employee
Posts: 571
Registered: ‎04-17-2009

Re: 2 NPS Servers on 1 SSID with 2 different active directorys

Did you try using the Fail-Through option on the Server Group?

 

Thanks,

Zach Jennings
Guru Elite
Posts: 21,530
Registered: ‎03-29-2007

Re: 2 NPS Servers on 1 SSID with 2 different active directorys


Leon123 wrote:

Hi community,

 

is it possible to congfigure on 1 ssid 2 radius server (we use ms 2008r2 nps) to authenticate the users in different domains.

first nps is for domain 1

second nps is for domain 2

I wan if nps domain 1 rejects the authentication the controller asks nps domain 2 to authenticate the user.

 

Is this possible? how can I configure this?

 

Thanks


Yes, you can enable "fail-through" on the server group with the two servers in it, BUT here are the requirements:

 

- If you are using 802.1x you need to enable "Termination" in your 802.1x profile on your Aruba Controller (http://community.arubanetworks.com/t5/Community-Tribal-Knowledge-Base/Radius-server-failover-in-1x/ta-p/93788)

- You will also need to create and upload a server certificate for 802.1x to your Aruba controller and the clients in both domains must trust the CA that issued the server certificate and/or the server certificate specifically



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: