Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

RADIUS with Windows NPS without a client certificate?

This thread has been viewed 0 times

  • 1.  RADIUS with Windows NPS without a client certificate?

    Posted Aug 31, 2012 05:06 PM

    Is this possible? The users need to be able to login with their AD username/password but we don't have access to any of the machines so a client cert is not an option. Any ideas on how to make this work with an Aruba controller? Anything special?



  • 2.  RE: RADIUS with Windows NPS without a client certificate?

    Posted Aug 31, 2012 06:18 PM

    A client cert is not required.  You can disable the requirement to validate server certificate on the client's wireless configuration.  You still need a cert on the NPS server for 802.1x authentication.

     

    -Mike



  • 3.  RE: RADIUS with Windows NPS without a client certificate?

    Posted Sep 01, 2012 10:28 AM

    Yes its possible as mnarine said..

    What you want to configure here is EAP PEAP which only requires a certificate on the server... a certificate with machine template works fine...

     

    Just a question

    Why you posting this on guest access forum? are you planning deploying this for guest access?
     whats the idea behind this?

     

    Cheers

    Carlos

     

     



  • 4.  RE: RADIUS with Windows NPS without a client certificate?

    Posted Oct 18, 2012 01:10 PM

    Certainly possible using captive portal - we use it, and I'm not aware of any requirements for a certificate.

     

    As far as I remember, you just put your NPS server in the profile.  I believe it defaults to NPS/RADIUS if user is not in the local database.

     

    We offer a guest account that is rate-limited (in the local DB) and our other users just use their network credentials.