Configure RADIUS On Windows Server 2012 for Wireless Authentication

NC

This article explains How to Configure RADIUS On Windows Server 2012 for Wireless Authentication.

Right click the network connection icon in the lower right corner and select "Open Network and Sharing Center".

Click "Ethernet0" > "Properties".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Select "Internet Protocol Version 4 (TCP/IPv4)" > "Properties"

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Select "Use the following IP address", and fill the input box.

  • IP address : 192.168.1.254

  • Subnet mask : 255.255.255.0

  • Default gateway : 192.168.1.1

Select "Use the following DNS server addresses" and fill the input box.

  • Prefferred DNS server : 192.168.1.254

Click "OK" button to save your settings.

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Configure Active Directory  for accounts and groups

Go to "Server Manager" > "Dashboard" and click "Add roles and features".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

After clicking "next" three times, select "Active Directory Domain Servies", Click the "Add Features" button in the pop-up window.

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Continue to click the "Next" button to go to the next step. In the confirmation panel, check the box of "Restart the destination server automatically if required". Click "Yes", then click the "Install" button.

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Promote this server to a domain controller.

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Select "Add a new forest", enter root domain name, for example : routermobile.com

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Click "Next" button, then type the directory services restore mode (DSRM) password. Then keep clicking the "next" button, and finally click "Install". The computer will restart.

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Go to "Server Manage" > "AD DS", select the server 192.168.1.254, click "Tools" and select "Active Directory Users and Computers".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Create a new group : "routermobile.com" > "Users" > "New" >"Group". Enter a group name (e.g. wifigroup), click "OK" to create.

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Create a new user : "routermobile.com" > "Users" > "New" >"User". Enter a user name (e.g. user1).

Next, set a password, uncheck "User must change password at next logon", check "User cannot change password" and "Password never expires".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Add the user "user1" into the group "wifigroup".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Go to "Server Manager" > "Dashboard" and click "Add roles and features". "Server Roles" > check "Active Directory certificate Services".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Then keep clicking the "next" button, and finally click "Install". The computer will restart.

Configure Active Directory Certificate Services on the destination server

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Role Services : check "Centification Authority"

Cryptography : RSA#Microsoft Software Key Storage Provider, SHA256

Next and click the "Configure" button.

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Go to "Server Manager" > "Dashboard" and click "Add roles and features". "Server Roles" > check "Network Policy And Access Services".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Role Services : check "Network Policy Server" and "Health Registration Authority".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Certification Authority : select "Use the local CA to issue health certifications for this HRA server".

Authentication Required : select "No, allow anonymous requests for health certificates".

Then keep clicking the "next" button, and finally click "Install".

NAP configure

Go to "Server Manager" > "NAP", right-click the server "192.168.1.254" and select "Network Policy Server".

Configure RADIUS On Windows Server 2012 for Wireless Authentication

RADIUS server for 802.1X Wireless or Wired Connections

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Configure 802.1X

Select the type of 802.1X connections : Secure Wireless Connections

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Add a new RADIUS Client

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Select the EAP type for this policy : Microsoft Protected EAP (PEAP)

Special User Group : wifigroup

Configure RADIUS On Windows Server 2012 for Wireless Authentication

Configure the wireless Access Point

Log in Linksys router, its management IP address is 192.168.1.1, both of username and password are "admin".

Go to "Wireless" > "Wireless Security".

  • Security Mode : WPA2 Enterprise

  • WPA algorithms : AES

  • RADIUS server address : 192.168.1.254

Configure RADIUS On Windows Server 2012 for Wireless Authentication


Tags: Linksys 192.168.1.254 RADIUS Windows Server 2012