NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

PdClark's avatar
PdClark
Tutor
Jul 20, 2018
Solved

GS748T no radius authentication

Hi   I have a Windows Server 2012 configured with NPS and is working fine with WiFi access points.   I'm trying to configure my GS748T to authenticate EAP with the server.  What I've done so ...
Security
PdClark's avatar
PdClark
Tutor
Jul 30, 2018

From my configuration;

 

On the switch, keep the Authentication List to Radius, Local, None.  It enables all authentication to the Radius server including the console logon.

 

In Group Policy, set the wired config to use 'Smartcard or other certificate' and 'Computer only' authentication.

 

On the properties of 'smartcard or other cert', select 'Use a cert on my computer' click Advanced and select the root certificate issued from your CA.

 

On your NPS server, add the switch as a Radius client, create a 'Network Request' policy based on Domain Computers (or any other group for your computers) and a 'Client Friendly name'

 

Add a Network Policy adding the same group of computers and EAP type.

 

That should get you going.  Tweek NPS to improve the constraints.

George_58's avatar
George_58
Aspirant
Aug 03, 2018

No way :-/ . Problem 1 - not working and problem 2 not working..

Problem 1 - authentication to admin console. NPS server get request from switch and accept it - averything seems ok. But switch not allow to log in - why?

 

Problem 2 - any data on NPS server from workstation. It seems that no data go thru switch to NPS server. Why? Where can I find any information about this? In log on switch there is no datas about EAP from workstation.Only

03 Aug 2018 10:31:40%STP-W-PORTSTATUS: g15: STP status Forwarding
03 Aug 2018 10:31:36%LINK-I-Up: g15
03 Aug 2018 10:31:31%LINK-W-Down: g15

 

It is problem of Radius attributs? Is there any document where can I find info about atributs which Netgear "must receive"?

I have .cer file from ma domain controller, but it contains no private key.So must I make new certificate, e.g. with Openssl, whitch will hace Public and Private keys?

Did you setup certificate on Netgear switch (Security/Access/HTTPS/Certificate management)? Or it can be blank.. sorry for too many questions, but I'am not  network proffesional..

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More