Using RADIUS Within the Framework of the School Environment Ed
Register Consultant April 6, 2011
Slide 2
What is Our Goal? Protect our wireless networks Security
Liability Control Bandwidth usage
Slide 3
What is RADIUS? Remote Authentication Dial In User Service
Developed in 1991 Mature Protocol Client/Server protocol running at
the Application Layer
Slide 4
The 3 Functions of RADIUS (AAA) Authentication Users or Devices
BEFORE they connect to the network Authorization Users or Devices
for Network Usage Accounting for usage of services
Slide 5
Who Are the Players? Laptops, iPhones, iPads, Androids,
Workstations Access Point, Network Switch Wireless Controller
(RADIUS Client) Network Policy Server (NPS) (RADIUS Server) Domain
Controller (Active Directory) Active Directory Certificate Services
Group Policy DHCP DNS
Slide 6
Slide 7
Required Components Domain Controller (2008 R2) (Limited
functionality with 2003) AD Certificate Services* 2003 Server this
is simply called Certificate Services Network Policy Server* 2003
Server this is called IAS (Internet Authentication Server) DHCP*
DNS* Access Points that support 802.1x LAN Controller *Built Into
2008 R2 Server
Slide 8
How Do Clients Get Certificates? If computers are in the domain
Group policy will push the certificates to the client May take up
to 20 minutes Can speed process with gpupdate /force If not in the
domain (new laptop) Connect to wired network and join domain Reboot
Log on to the domain 1 time as any user while wired
Slide 9
Basic Configuration Configure RADIUS Client component on
Wireless Controller Server component on Network Policy Server
Install Certificate Services Install Network Policy Server(s)
Certificate Group Policy is Configured Push certificates to
workstations Push Wireless Policy to workstations Create
WirelessAccess group, add computers Configure Network Policies on
NPS