cancel
Showing results for 
Search instead for 
Did you mean: 

radius configuration on AP7522

radius configuration on AP7522

Akalzed
New Contributor

Hi.

I'm doing an intership and I'm trying to configure un radius server on a AP7522. My server is all set on a Windows server 2019. I'm trying to configure the wifi AP (AP7522) and frankly I'm lost. I've tryed every ressource I could think of (I've even asked chatGPT, it shows how desperate I am) with no success.

So, I'm open to every suggestion you may have 🙂

7 REPLIES 7

I've installed and configured NPS an Windows server 2019. My problem is the Ap configuration. I've entered the share secret when I created the AAA policy but it doesn't work. I'm probably missing something.

fbarta
New Contributor

802.1x can be tricky, as the problem could very well lie in your client config/NPS config and not with the AP/WiNG specifically.

Within WiNG, to use an external RADIUS server for WLAN Authentication, you would want to set the SSID to authentication-type eap and tell it to use the aaa-policy you created. The AAA-policy just needs to be fed the server IP and the secret.

ex.
aaa-policy LabTest
 authentication server 1 host <ipadr> secret 0 <secret>
wlan LabTestWLAN
ssid LabTest
encryption-type ccmp
authentication-type eap
use aaa-policy LabTest

At this point, the AP is configured to act as an 802.1x authenticator. The AP would then need to be set as a valid RADIUS client within NPS, having the correct secret isn't enough there. eg. Configure RADIUS Clients | Microsoft Learn

Once that's all in place, you then need to start thinking about EAP methods and your client configuration with regards to certificate validation. You could have everything from the above paragraph's setup properly, but if your client device is set to validate server certificate trust and the cert being offered by your NPS is not trusted by the client, the client will never proceed to send it's credentials to authenticate. 

Akalzed
New Contributor

I meant : "set to validate server certificate trust and the cert being offered by your NPS is not trusted by the client, the client will never proceed to send it's credentials to authenticate. "

I didn't really understood that part, but your response helped a lot. 🙂

GTM-P2G8KFN