05-02-2019 05:53 PM
I'd love to consolidate 2 SSIDs with an NPS RADIUS server behind each, on separate domains. I do have a 1-way trust on domain A to B.
Is anyone running such a configuration with success? At this point I haven't looked into it in depth, but I suspect with the 1-way trust I could get 1 NPS to query data from both domains - but I'm concerned about any "domain/user" issues, or duplicate names. We do both user & machine ID auth on both RADIUS connections. Perhaps a creative use of the RADIUS Proxy?
Since I can imagine ways in which it might work, and things that might not, I thought I'd toss a quick "anyone doing this successfully?" query out first.
Thanks!
05-10-2019 03:34 PM
To answer my own question for the benefit of anyone interested, or suggested improvement(s):
The Aerohive RADIUS Proxy appears to be basically designed to remove the need for CAL licenses for IAS/NPS servers prior to Win 2012 - that was ruled out.
NPS (as a stand-alone proxy only, or combined with proxy & auth rules) can be configured to proxy RADIUS requests by using matching rules in the "Connection Request Policies". By matching rules to values in the User Name field I can redirect any RADIUS request to the proper domain NPS server(s).
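
The User Name matching described in the post above, modelled as an added example (not part of the original thread and not NPS's own code): ordered rules, first match wins, and a name with no realm is rejected instead of guessed, which is where duplicate account names would otherwise collide. The realm names, target labels and the three User-Name shapes (`DOMAIN\user`, `user@realm`, `host/fqdn` for machine auth) are assumptions made for the illustration.

```python
import re

# Ordered rules modelled on Connection Request Policies: the first match wins.
# Realms and targets are constructed placeholders, not values from the thread.
# Patterns are anchored so that a realm appearing as a mere substring
# (e.g. "x@domaina.example.other.test") cannot select a policy.
POLICIES = [
    ("Domain A",
     r"^(DOMAINA\\.+|.+@domaina\.example|host/.+\.domaina\.example)$",
     "local-auth"),
    ("Domain B",
     r"^(DOMAINB\\.+|.+@domainb\.example|host/.+\.domainb\.example)$",
     "proxy:domain-b-nps"),
]
COMPILED = [(name, re.compile(pat, re.IGNORECASE), target)
            for name, pat, target in POLICIES]


def route(user_name):
    """Return (policy name, target) for a RADIUS User-Name value."""
    for name, pattern, target in COMPILED:
        if pattern.fullmatch(user_name):
            return name, target
    # No realm, or an unknown realm: the same bare name could exist in both
    # domains, so refuse instead of falling through to a default domain.
    return None, "reject"


def route_all(names):
    """Map each User-Name to the target its first matching policy selects."""
    return {n: route(n)[1] for n in names}


# Constructed sample User-Name values covering user and machine authentication.
SAMPLE = [
    r"DOMAINA\alice",
    "bob@domainb.example",
    "host/laptop7.domainb.example",
    "alice",
    "alice@domaina.example.other.test",
]

if __name__ == "__main__":
    for user, target in route_all(SAMPLE).items():
        print(f"{user:36} -> {target}")
```
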