Wireless Access

last person joined: 12 minutes ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

RADIUS - User + Computer authentication

Jump to Best Answer
  • 1.  RADIUS - User + Computer authentication

    Posted Jul 02, 2014 01:12 AM

    Greeting,

     

    I hope someone can help me with this.

     

    I'm using RADIUS Server 2008 R2 with Aruba Controller. This part is all good and configured correctly.

     

    My issue is with authentication. Currently I'm trying to use PEAP computer and user authentication with certificates or EAP-MSCHAP v2. All my clients have the required certs.

     

    So for example if I configure a network policy with PEAP EAP-MSCHAP v2 the client can make the computer authentication but then it takes around 5 minutes to load the desktop (which is the time for the Group Policy timeout) and just after the timeout it does the user authentication.

     

    So I don't get any of my mapped drives but once the desktop is loaded I can manually map them.

     

    It seems it's not passing from machine authentication to user authentication after the user enter the credentials in the log in screen but only after the desktop is loaded.

     

    Is there a smart way to do this? I have tried all sorts of combinations e.g. single sign-on, pre-authentication, etc..

     

    Thank you

    Felipe

     



  • 2.  RE: RADIUS - User + Computer authentication
    Best Answer

    Posted Jul 02, 2014 04:47 AM

    Fbinotto,

     

    What role on the Aruba Controller does your device get when it authenticates using machine authentication?

    What role does a device get when it authenticates using user authentication?

     

    Make sure your role is an allowall role so that it is not blocking anything.  That is the main reason for slowdows while logging in: blocked traffic that is essential for group policy, etc.