I have read a few articles about the web regarding this, but I seem to be unable to find a definitive answer for my question.
I have an Aruba Networks controller configured to hit a RADIUS server enabled via NPS service on a 2008r2 server. We have a self signed certificate (?) that has been working to authenticate certain devices via domain username and password, but others not so. I have traced the issue to being related to certificates, and in eventvwr, I am seeing the following error when trying to authenticate a non-domain windows machine.
Error: Event 36882 The certificate received from the remote server was issued by an untrusted certificate authority. Because of this the data contained in the certificate cannot be validated. The SSL connection request has failed. The attached data contains the server certificate.
Oddly enough, when connecting iOS devices via my RADIUS SSID, they just confirm the certificate and it works.
Is it possible to create a policy in the NPS server that bypasses the need for a certificate and relies completely on username and password? I am certainly lacking in understanding, so if not, please explain what my options are...
I need to be able to restrict user access on BYOD laptops. I am allowing certain students to access wireless, but if I use a PSK, since they are admins on their own machines they can view and then+ redistribute the PSK, so I really need user based access.
