Wireless (General)

  • 1.  NAC Appliance and NPS for MAC Authentication

    Posted 02-28-2018 14:41


    Let me preface this by saying I am brand new to NAC. I am setting up a windows 2012 NPS server as a RADIUS Proxy in NAC to authenticate clients via MAC Address. My question is how the NAC appliance knows which OU to look in for the MAC Address. I have dug around and cannot find anything pertaining to this. When using NPS as a RADIUS proxy for IdentiFI Wireless it was a matter of creating Access Polices. Is it the same for NAC? Any help is appreciated.


  • 2.  RE: NAC Appliance and NPS for MAC Authentication

    Posted 02-28-2018 16:48
    Hello,

    Typically we don't proxy MAC authentication to the back end NPS RADIUS server. In a typical deployment MAC authentication is handled locally, and the NAC is designed to auto accept any MAC authentication request regardless of password, username, or even RADIUS shared secret. MAC Authentication is used to identify the end system, more than as an authentication mechanism.

    We do have a few customers that use NAC to proxy the MAC authentication back to NPS, but there isn't much known regarding what their configuration is. I suspect they have users with either usernames of the MAC address, or an alias that serves as the username of the MAC address.

    Thanks
    -Ryan



  • 3.  RE: NAC Appliance and NPS for MAC Authentication

    Posted 02-28-2018 18:24


  • 4.  RE: NAC Appliance and NPS for MAC Authentication

    Posted 02-28-2018 19:33
    Hello,

    Are you looking for configuration of MAC authentication or 802.1x authentication?

    All you have to do for MAC authentication is put the switch in the "Switches" tab, enforce the NAC, and verify RADIUS is configured on the switch. :edit: Also you'll need to make sure MAC authentication is enabled on the desired ports as well. :edit:

    For 802.1x check out the following:

    https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-NTLM-authentication-on-EA...

    Thanks
    -Ryan