802.1X - RADIUS - Chromebooks

  • 0
  • 1
  • Question
  • Updated 3 years ago
When we built our wireless network in 2011 the best way to auth from Active Directory was to run through a radius proxy.  It appears now that that is no longer needed in the 9.x controller.  I have 2 domains, and I have been successfully authenticating directly from ldap and not radius proxy on my smaller domain.

Before I move my primary domain to direct ldap auth, I wanted to see if anyone else has set this up lately and can offer advice about doing away with radius proxy.  In a 9.X environment, with AD auth, is there any reason to keep radius in the picture at all?

Also, I am planning on rolling out chromebooks that will be in a cart for student use.  I want to get them to auth with 802.1X with their credentials.  It is essential to be to make the login fast (avoid a portal login) and to have per user accounting (I have userid tagged to a firewall)

Has anyone setup 1X auth to a chromebook?  Any advice?

--Keith
Photo of Keith Obermeier

Keith Obermeier

  • 430 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Rainer Adam

Rainer Adam

  • 874 Points 500 badge 2x thumb
If you use also the Extreme Networks NAC solution you can do it as I did at one of my customers. They had 2 complete different domains with NO trust between. Depending on the damain with the user logon we sent it via NAC rule matrix to the correct DC.

For this use the NAC Gatway(s) as Radius Proxy.