Solved

NPS 802.1X VLAN Assigment configuration

Posted on 2013-05-17
2
2,222 Views
Last Modified: 2013-09-18
I have been tasked to configure an NPS server to do VLAN assignment based on user authentication credentials.

We want for wireless and wired connections to get a VLAN assigned based on the computer account or user authentication. For example when they plug via wire the switch will send the request to the NPS server and based on the rules it will place the computer in a particular VLAN or will deny the access.  To keep it simple we will use EAP-PEAP with MSCHAP2 (certificate just on the NPS server)

Also we need to have a redundant NPS server is case the primary goes down.

That being said, can someone help us out and provide build notes or some guidance.
0
Comment
Question by:llarava
2 Comments
 
LVL 21

Accepted Solution

by:
Jakob Digranes earned 500 total points
ID: 39176705
based on what you write, it looks like you already have quite a lot of knowledge on NPS and 802.1X ---
here's some blogs around 802.1X with dynamic VLAN assignment - hope that will put you in the right direction:
http://technet.microsoft.com/en-us/library/cc754422%28v=ws.10%29.aspx
http://blog.packetqueue.net/category/802-1x/
http://integratingit.wordpress.com/2012/07/05/configuring-dynamic-vlan-assignment-on-procurve-switches/ --- but in this last article ; remember to unchekd LESS SECURE AUTHENTICATION METHODS as they have checked in the picture
0
 

Author Comment

by:llarava
ID: 39195419
Thanks for the links. We are going to setup 2 NPS servers for redundacy. Do you know if I can configure the Cisco switches with 2 NPS servers? If so how do I do that?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now