![]() The only way to do that is 'firewall' them onto a separate VLAN and put security rules in place on the network to prevent traffic from that 'guest' VLAN from accessing the main network.To authenticate to the main network, you can setup so that only 'domain computers' can authenticate to that, which prevents users with valid user credentials from getting on. You still need 2 separate VLANs, because while NPS can specify which VLAN/WLAN that a device gets put onto, there is no mechanism to prevent a user with domain credentials on the network from access your servers. ![]() There are multiple pieces to this puzzle. I am now using the cert with CA-1 on the end because the server itself is a root CA.Īll seems to be working now, even on Windows 7.Sorry this isn't the most informative, but I thought I would put my solution just in case anyone else has similar issues with similar knowledge with RADIUS as me.Thanks for the comments though everyone:). Managed to resolve this, I don't really understand the certificates on RADIUS to be honest, I am going to do some digging and learning on this, because I really don't feel like I know enough.I had to go into NPS:Policies Network Policies Double Click policy name Constraints tab Auth Methods Select EAP/PEAP and click Edit I changed the 'Certificate Issues to' dropdown and tried different ones.
0 Comments
Leave a Reply. |