How to Windows NPS with clients with dynamic IPs

Windows Server 2016 NPS (Radius) with clients on dynamic IPs.  Most of what I'm reading seems to indicate that this isn't possible unless it is a small range of IPs.  I have a LOT of wifi access points and want to use Radius for authentication, however some of those access points have dynamic IPs.  Is there a way to setup a Radius client in NPS that allows for any IP?  ( for example)
Tim PhillipsWindows Systems AdministratorAsked:
Who is Participating?
Cliff GaliherConnect With a Mentor Commented:
I don't think it is possible. And from a security standpoint, it'd be terrible practice anyways. A major component in any good RADIUS deployment is the logging and auditing. And with a dynamic IP client  that becomes meaningless. At the very least, you should be using DHCP reservations so your clients always have the same IP. And that should be documented for any future log/forensic analysis and incident response.
MaheshConnect With a Mentor ArchitectCommented:
There is no way NPS can track radius clients (AP) with changed (Dynamic) IPs, because the primary method to communicate with these radius clients is their IP and not hostname
U have to use static only
Tim PhillipsWindows Systems AdministratorAuthor Commented:
Its a bummer, but yeah that's what I thought.
All Courses

From novice to tech pro — start learning today.