Hello to all,
I open this discussion to ask you for help.
Indeed, I am in charge of setting up a Wi-Fi network with a certificate-based RADIUS authentication to authenticate a specific group of computers.
My infrastructure (this is a lab, my end client's infrastructure is more complex and better organized but I made it like this for convenience):
- 1 Server AD,DNS,AC,NPS
- 1 Client PC
My PC Client is added to the domain and my NPS server is well integrated to Active Directory, is well part of the IAS & RAS group.
First I created a certificate template named RADIUS_Server_Client for my NPS server based on the IAS & RAS template.
I then have my network policy which states that all wireless connections belonging to the Windows group "Radius-Posts" which contains my computers can connect to the WiFi network. My Client PC is obviously part of this group.
I set up a GPO to first deploy my authority certificate and put it in the certificate store of my client PCs.
I have also enabled automatic enrollment of client certificates so that they can (logically) authenticate to the Radius.
With the following EAP properties :
After a gpudate, my wireless network created by GPO appears well, I can connect to it in theory, it shows me the fingerprint of the server of my Aruba terminal but while trying to connect to it I find myself with an EAP 25 error (report generated with the command "netsh wlan show wlanreport")
I thought that the problem comes from the ceritifcats of my AP-505 Wifi terminal, so I inserted my AC and NPS server certificates previously exported in .pem but it does not help me more, with this the server's fingerprint is no longer indicated but the connection attempt is looping and ends up displaying "Network not available").
- My AP configuration (IP : 192.168.1.160)
Conf WiFi :
- My server ADDS,NPS IP : 192.168.1.250 and firewall disabled for testing.
There are a lot of elements, but I hope I was accurate enough with the data I brought you. I don't know where my mistake is, I hope that one of you will be able to bring me a solution...