11-13-2014 06:53 PM - edited 07-05-2021 01:56 AM
We currently have a wireless infrastructure consisting of 2702i access points and a 5508 controller. We have a guest (Internet only) SSID and also a private (corporate) SSID. We are currently using PSK for the corporate wireless but I would much rather have users authenticate through Active Directory. I have Googled this and see some people say it is possible using Server 2008 R2 and NPS.
Has anyone ever successfully deployed this solution? If so, I would greatly appreciate information on how to configure this. One key thing to note is that we do have non-domained devices that will still need to authenticate against user accounts in AD.
Thank you in advance,
John
11-14-2014 07:34 AM
Hi John,
You will have some reading to do my friend. I will outline the key components and the process with some links.
802.1X -
You are looking to do 802.1X (EAP). Whereby you leverage a radius server NPS and authenticate users against a database, in this case AD. If you never done this before. Know that you will need to configure the radius side and also the client side.
http://technet.microsoft.com/en-us/library/cc759077(v=ws.10).aspx
NPS -
Configuration
http://technet.microsoft.com/en-us/library/dd283091(v=ws.10).aspx
EAP -
You will have to select an EAP type. The most common and widely supported is EAP-PEAPv0. It supports MsChapV2. I might suggest leading with EAP-PEAPv0.
http://www.networkworld.com/article/2223672/access-control/which-eap-types-do-you-need-for-which-identity-projects.html
WLAN -
You will need to configure your WLAN as 802.1X.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-0/configuration/guide/c70/c70sol.html
CLEINT -
You will need to configure your clients with PEAP.
https://supportforums.cisco.com/document/68096/peap-authentication-configuration-example-windows-7
Hope this helps ..
11-14-2014 07:36 PM
George, thank you for the detailed reply. I will let you know how it goes.
Thank you,
John
11-14-2014 07:58 AM
this document has a good 'how to' section on configuring NPS:
hth
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide