This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

radius configuration on AP7522

radius configuration on AP7522

Akalzed
New Contributor

‎05-04-2023 05:26 AM

Hi.

I'm doing an intership and I'm trying to configure un radius server on a AP7522. My server is all set on a Windows server 2019. I'm trying to configure the wifi AP (AP7522) and frankly I'm lost. I've tryed every ressource I could think of (I've even asked chatGPT, it shows how desperate I am) with no success.

So, I'm open to every suggestion you may have 🙂

0 Kudos
7 REPLIES 7

Akalzed
New Contributor
In response to Rodrigo_Cortes

‎05-04-2023 05:45 AM

I've installed and configured NPS an Windows server 2019. My problem is the Ap configuration. I've entered the share secret when I created the AAA policy but it doesn't work. I'm probably missing something.

0 Kudos

fbarta
New Contributor
In response to Akalzed

‎05-04-2023 06:18 AM

802.1x can be tricky, as the problem could very well lie in your client config/NPS config and not with the AP/WiNG specifically.

Within WiNG, to use an external RADIUS server for WLAN Authentication, you would want to set the SSID to authentication-type eap and tell it to use the aaa-policy you created. The AAA-policy just needs to be fed the server IP and the secret.

ex.
aaa-policy LabTest
 authentication server 1 host <ipadr> secret 0 <secret>
wlan LabTestWLAN
ssid LabTest
encryption-type ccmp
authentication-type eap
use aaa-policy LabTest

At this point, the AP is configured to act as an 802.1x authenticator. The AP would then need to be set as a valid RADIUS client within NPS, having the correct secret isn't enough there. eg. Configure RADIUS Clients | Microsoft Learn

Once that's all in place, you then need to start thinking about EAP methods and your client configuration with regards to certificate validation. You could have everything from the above paragraph's setup properly, but if your client device is set to validate server certificate trust and the cert being offered by your NPS is not trusted by the client, the client will never proceed to send it's credentials to authenticate. 

Akalzed
New Contributor
In response to fbarta

‎05-04-2023 06:43 AM

I meant : "set to validate server certificate trust and the cert being offered by your NPS is not trusted by the client, the client will never proceed to send it's credentials to authenticate. "

I didn't really understood that part, but your response helped a lot. 🙂

0 Kudos
GTM-P2G8KFN