cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
17495
Views
20
Helpful
9
Replies

802.1x Configure Wired 802.1X with NPS

UCrypto
Beginner
Beginner

Dear Sir,

i would like to ask about 802.1x authenication . i try to configure 802.1x Configure Wired 802.1X with NPS without using ISE or third-party appliance. I watched youtube training video and i followed these tutorials.

But when i am testing,i got authenication failed error.I tried to use EAP (PEAP) authenication method.

Please help me to troubleshoot in this case.Please see below Switchesdebug file and NPS server Logs

in 

2 Accepted Solutions

Accepted Solutions

Take a look here on how to configure your NPS, the client part is also explained but this is common for every use case no matter which radius you're using.

https://networklessons.com/uncategorized/peap-and-eap-tls-on-server-2008-and-cisco-wlc/

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

Hello there,

 

Have you tried setting the "Certificate Issued To" to the certificate that is local, or has the FQDN in the name, to any avail (i.e. one of the .local certs, I'm assuming)?

 

In the "Edit Protected EAP Properties" dialog box, according to the "Network Lessons" URL link provided in Francesco's comment:

"Make sure you have selected the correct certificate. This is the computer certificate that will be presented to wireless users when they connect using PEAP. It allows our wireless clients to confirm the identity of the RADIUS server."

 

and the Microsoft guide for Deploy server certificates for 802.1X wired and wireless deployments:

"In the Edit Protected EAP Properties dialog box, in Certificate issued to, NPS displays the name of your server certificate in the format ComputerName.Domain. For example, if your NPS is named NPS-01 and your domain is example.com, NPS displays the certificate NPS-01.example.com. In addition, in Issuer, the name of your certification authority is displayed, and in Expiration date, the date of expiration of the server certificate is shown."

 

 

 

Also can you confirm the current certificate configuration of the client computer?

 

Thanks

 

 

View solution in original post