Wireless Access

Reply
Guru Elite

Re: 3200 controller OS update

So, I know that there was a time that changing your password over 802.1x did not work, and now it works.  It probably only works with NPS and beyond:  http://www.stevenjordan.net/2013/11/last-updated-november-15th-2013-by.html

 

It was so long ago...

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: 3200 controller OS update

So, this is why I need a 2008 server, right?

My Windows 2003's RADIUS server doesn't have the capability to do it?

 

Guru Elite

Re: 3200 controller OS update

I would check with MSFT ultimately, because it has been so long, but NPS does offer you that capability today.  Best to check with Microsoft and report back to us, just to be sure.  I would not want to suggest an upgrade if it will work with 2003.  It has been so long, that I cannot be sure.  Maybe someone on the list here could provide some context.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: 3200 controller OS update

Well...I do have a 2008 server that is now an DC.

This is recent so I haven't enabled RADIUS on it, and it is in my "other" site that I can access via WAN (MPLS).

I am still deploying it as it will be replacing an older DC (2003).

I'll give it a try on my 2008 server.

Occasional Contributor II

Re: 3200 controller OS update

Ok...well, my 2008 Radius server is authenticating my wireless laptop by usename but not by machine name!

FYI, I am not presently using certificates. Is this what I am missing? If so, does it have to be an Enterprise certificate as I do not have that access. Our forest is big and each region manage their own domain.

 

Thanks!

Guru Elite

Re: 3200 controller OS update

Tman,

 

At minimum, your radius server needs a server certificate.

 

Did you see the article here:  http://community.arubanetworks.com/t5/Community-Tribal-Knowledge-Base/Step-by-Step-How-to-Configure-Microsoft-NPS-2008-Radius-Server/ta-p/80672  ?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: 3200 controller OS update

Yes, I did see that .pdf but I thought the certificate was mostly for security.

We eventualy will be using certificates. As I asked in my previous message, does it need to be an Enterprise certificate or can it be a standard one? All of my devices will be connecting on my managed domain only.

 

Thanks

 

 

Guru Elite

Re: 3200 controller OS update

For EAP-PEAP you only need a server-side certificate.  Most people do NOT use Client-Side certificates, which is EAP-TLS.

 

If it is working, you have a certificate installed.

 

If machine authentication is not working, you should check the rules on the NPS server.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: 3200 controller OS update

I haven't yet tried to use a certificate.

I will configure one today and see if this make any changes!

Thanks again

Occasional Contributor II

Re: 3200 controller OS update

Well, I installed the certificate but as I said it is not an "enterprise" certificate.

Do I have to configure my wifi profile on the laptop to validate the certificate?

I don't see the certificate I just created in the list of certificates available!

 

PS... Can you show me a NPS screen shot of an authenticated wireless device?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: