• September 18, 2020, 01:13:12 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: WiNG 5.x Active Directory (Windows Server2012) without Controller  (Read 3977 times)

0 Members and 1 Guest are viewing this topic.

Offline Harry

  • Rookie
  • **
  • Posts: 11
Dear Admin,
or Michael mcnamara...


Can anyone already try to configure AD at Windows Server 2012 without Controller
i means AP-8132 with CPP (Captive Portal Policy) standalone with PC include VM (as Router and ADSP server).

Please share experience about that, thank you


Offline romnet

  • Jr. Member
  • **
  • Posts: 25
Re: WiNG 5.x Active Directory (Windows Server2012) without Controller
« Reply #1 on: November 30, 2013, 10:06:01 AM »
hi,

can you explain more clearly what you want to do ? have you checked the "WiNG 5.X How-To Guide
Active Directory Authentication" The fact you don't have a controller does not change anything, you can just follow the same kind of configuration.

I might have examples to follow if you're more specific.

romain

Offline Harry

  • Rookie
  • **
  • Posts: 11
Re: WiNG 5.x Active Directory (Windows Server2012) without Controller
« Reply #2 on: December 01, 2013, 05:30:10 AM »
romnet,

thanks for respon, i want to connect AP88132(WiNg 5.4) with Active Directory company with captive portal,
so user/employee can connect to wifi with AD authentication.

so, it's possible without controller? because my AD is windows server 2012, i heard before that without controller only support AD windows server 2003 and 2008 higher IT MUST BE HAVE CONTROLLER, thats right? or can without controller?

@yes i already read WiNG How To with Active Directory.pdf" file.

Thanks beforehand...

Offline romnet

  • Jr. Member
  • **
  • Posts: 25
Re: WiNG 5.x Active Directory (Windows Server2012) without Controller
« Reply #3 on: December 01, 2013, 07:02:06 AM »
hi,

First of all, I don't understand why you want to make captive portat, which is a non-secured way of connection, used for wireless hotspots. you should be using dot1x authentication for your wireless clients.

I don't see any reason why radius won't work with windows 2012, although I didn't use it. It should be a radius intermediate anyway (called NPS - network protection service), you should find plenty of info on this forum on the configuration of radius client (the AP in your case).

here is a sample of config that you will need to do :

aaa-policy Radius
 authentication server 1 host IPADDRESSOFWINDOWSSERVER secret 0 SHAREDSECRET
!

wlan dot1x
 ssid dot1x
 vlan 1
 bridging-mode local
 encryption-type ccmp
 authentication-type eap
 use aaa-policy Radius
!

that's all :)

Offline Harry

  • Rookie
  • **
  • Posts: 11
Re: WiNG 5.x Active Directory (Windows Server2012) without Controller
« Reply #4 on: December 02, 2013, 08:55:10 PM »
Hi Romnet,

Thanks for your advice. Yes, i see dot1x is secure.
Thanks for your shared CLI configuration about this case.
have you file pdf about dot1x ? thanks