Solved

RADIUS setup for Single sign on

Posted on 2013-11-04
7
496 Views
Last Modified: 2013-11-11
EE community, I'm looking for suggestions to accomplish single sign for wireless authentication using RADIUS.  Ultimately, I want any user to authenticate to wireless the same way at any of our three offices.

Here is my scenario: Three office locations, HQ and two remote offices connected via BOVPN tunnels.  At HQ I have configured RADIUS and have all local AP's setup and configured.

My question is, how do I go about configuration at the two remote sites?  Both sites have local hardware that could facilitate RADIUS config, but I don't know how to setup to talk to HQ.
0
Comment
Question by:Christina Taylor
  • 4
  • 3
7 Comments
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39622321
This depends a lot on how your sites work at the moment.  Can you give us an idea of what you have in terms of servers, etc?

If you have an AD for example you could use a local RADIUS at each site with the same policies.  But as I say it depends on what you have at the moment.
0
 

Author Comment

by:Christina Taylor
ID: 39622353
I have AD setup at HQ, running MS Server 2008 R2 at HQ and both remote sites. Sites are connected via BOVPN.  I was also thinking local RADIUS at each site, but wasn't sure of the specific configuration.

I hope this helps.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39622385
So I'll say it's easy (assuming it's the same domain throughout).  You'll need to obtain a certificate for each RADIUS server if you want to use EAP-style logins so ideally you'll need certificate services running on your network.

In short, configure the same SSIDs on your APs and create a GPO to push the wireless settings to the clients.  Configure a RADIUS at each site and configure the same access policies on each RADIUS and that's pretty-much all you need to do.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:Christina Taylor
ID: 39622431
Seems pretty straight forward, as you suggest.  To confirm, it is the same domain throughout.

I'll give it a go this week and see how it turns out.  Thanks a million!
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39622442
No probs... if you need any help I'll be here :-)
0
 

Author Comment

by:Christina Taylor
ID: 39628459
Just checking back in to make sure I'm on the right track to implement GPO.  I'm in my default domain policy - Computer Configuration - Windows Settings - Security Settings - Wireless Network, create new policy.

I already have an XP Policy for my wireless network, so I created a new one for 'Vista and Later'.  Am I on the right track?
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39628465
Yup!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now