Security

Reply
AF
Occasional Contributor I

Cross AD forest/domain Authentication for 80211x without using multiple Radius Server

We currently use multiple Microsoft 2008R2 Servers NIPs Functionality (aka IAS/Radius) to authenticate our Machines and users against AD using 802.11x. We have 8 AD forests/domains and currently have multiple NIPs servers pairs in each forest/domain.

We are looking to rationalize the number of NIPS servers down to basically 1 pair which can service all forests /domains, ie we want the NIPs servers to do AD/LDAP lookups across the various domains to validate the machine and user credentials without having to have NIPs/IAS/Radius server in each forest/domain..

Has anyone done this ? Is it actually possible ?
Guru Elite

Re: Cross AD forest/domain Authentication for 80211x without using multiple Radius Server

You need at least one server per forest:

http://technet.microsoft.com/en-us/library/cc778436%28WS.10%29.aspx

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: