Cisco wap4410n validating identity Pooping webcams
cgaliher - I'll see if I can find anything known for the particular access points I'm using, but they are not full blown Cisco AP's they're in the Linksys Small Business family so typical IOS debugging and t-shooting doesn't seem to work.
When I enabled ssh on it attempting to turn on very detailed debugging and diagnostics..guess what, they don't have it.
The Certification Authority is the only service running on the host (its virtual, but it shouldn't make a difference) I have setup an instance of Windows Server 2008 R2 Standard with NPS and used the wizard to start the configuration for Wireless 802.1x authentication.
I also issued the NPS server a IAS / Radius certificate from my internal CA.
- Fast reconnect is checked Under advanced settings for 802.1x I have tried both computer authentication and "user or computer authentication", when user is selected, I have tried with enable SSO for htis network, perform immediatley before user logon.
Under Network Policies there are 4 rules: 1 - domain computers - machine groups: leepdc\domain computers, user groups leepdc\domain users - granting full network access 2 - secure wireless - NAS port type as wireless other or Wireless IEEE 802.11, windows groups domain users or domain computers, auth type = PEAP, allowed EAP: MS Smart card or certificate, or MS PEAP- smart card or other cert, machine group: domain computers. No health policies are defined or remediation servers (I'm just looking for RADIUS really, not NAP).
(doubt this makes a difference for the problem but want to get the details out there, none of these are virtual machines); currently I have no domain logon problems anywhere on my network, replication is functioning between the 3 DCs.
I have a machine configured as an internal Enterprise Certification Authority which is 2008 R2 Enterprise edition.
I have configured one of the access points (the only one I'm setting up so far) as a radius client and ensured that the shared secret matches on the device and the server, the WAP has the proper static IP and vice versa for the NPS radius client.
On my NPS connection request policy, i have 2 rules - Secure Wireless Connections - enabled @priority 1 - NAS port type wireless - other or wireless IEEE 802.11, local computer as the authentication provider and override authentication is disabled.