Jorge Diaz
asked on
Windows Server NPS Radius for 802.1x wireless and ethernet configuration
Hello there,
I"m reviewing the 802.1x's microsoft implementation to get handle on it and consider its possible implementation in our environment. At this moment we don't have a domain, as a matter of fact we're mostly macs with no network os. I've been reading Microsoft documents and it seems to me 802.1x can be implemented without joining the computers to domain. I've found quite a few hurdles as i keep reading and testing this so i figure it'd be a great idea to pick someone else's brain...
First, can i implement NPS in a non domain mac environment environment? Should i consider open source for radius instead?
If any of you have implemented it, is there any lessons you would like to share with me as keep testing.
thanks for your help..
I"m reviewing the 802.1x's microsoft implementation to get handle on it and consider its possible implementation in our environment. At this moment we don't have a domain, as a matter of fact we're mostly macs with no network os. I've been reading Microsoft documents and it seems to me 802.1x can be implemented without joining the computers to domain. I've found quite a few hurdles as i keep reading and testing this so i figure it'd be a great idea to pick someone else's brain...
First, can i implement NPS in a non domain mac environment environment? Should i consider open source for radius instead?
If any of you have implemented it, is there any lessons you would like to share with me as keep testing.
thanks for your help..
You can use NPS. Create local accounts on the NPS box for your users and it'll work fine... no SQL needed :)
You can even run a CA on it too.
You can even run a CA on it too.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I focused on the portion given there is no existing infrastructure based on Windows, whether open source shoukd be considered.
The following link deals with using raspberry pi as the .......
https://steven-england.info/2014/11/06/providing-802-1x-authentication-freeradius-peapv0eap-mschapv2-support-raspberry-pi/
Using the component references of freeradius,freeradius-MySQ L....
Applying the configuration .....
There are other examples ref dialoradius......
The issue one would/should have two to have backup in the event one fails to make sure access to the network (802.1x) is maintained.
The following link deals with using raspberry pi as the .......
https://steven-england.info/2014/11/06/providing-802-1x-authentication-freeradius-peapv0eap-mschapv2-support-raspberry-pi/
Using the component references of freeradius,freeradius-MySQ
Applying the configuration .....
There are other examples ref dialoradius......
The issue one would/should have two to have backup in the event one fails to make sure access to the network (802.1x) is maintained.
Ok fair comment :-)
Yes, you should consider open source, a commodity workstation, older one you could buy from eBay for $100-$300 on which you can setup center from centos.org, MySQL/freeradius, ......
A pair will provide redundancy/......