Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [nps]

Network Policy Server, is a Microsoft RADIUS server for Windows Server 2008 and higher.

Microsoft's Network Policy Server is a server provided with and . It provides a variety of authentication services for VPN and connections.

119 questions
3
votes
2 answers

Control which certificate an NPS network policy selects when the certificate is auto-renewed

I have multiple NPS network policies using Microsoft PEAP with a self-signed certificate. When our internal CA automatically renews the certificate, all of the network policies switch to another (it appears, random) certificate installed on the NPS…
I say Reinstate Monica
  • 3,100
  • 7
  • 23
  • 51
3
votes
1 answer

Microsoft NPS 2012 R2 - Can't perform authentication from Cisco ASA with PAP

I am trying to setup a Cisco ASA (version 9.1(7)6) to authenticate against a Microsoft Network Policy Server 2012 R2. The ASA is able to communicate with the NPS server, however the test aaa-server command returns AAA Failure. Checking the security…
Muh Fugen
  • 309
  • 1
  • 4
  • 14
3
votes
2 answers

What are the risks of adding third-party Root CA certificate into NTAuth Store?

What are the risks associated with import of third-party Root CA certificate into the Enterprise NTAuth Store in Windows domain except that the CA is then trusted to issue certificates? This is for test purpose to fix an issue with wireless clients…
Volodymyr Molodets
  • 2,404
  • 9
  • 35
  • 52
3
votes
0 answers

Cisco SG300 switch does not send RADIUS messages to server for 802.1x

I want to eventually configure the SG300 to authenticate wired clients with 802.1x and Microsoft NPS (RADIUS). I am currently testing this setup using a single port (Port 7) on my SG300, a test machine, and an AD based Network Policy Server. The…
Christopher Pope
  • 31
  • 1
  • 3
3
votes
1 answer

Registation or Guest VLAN for 802.1x via Microsoft NPS

I am currently working on a Microsoft NPS solution to provide 802.1x MAC authentication for wired and wireless clients along with providing a VLAN for the clients to be moved to. It currently works perfect with our Wireless APs and switches, however…
dave
  • 31
  • 2
2
votes
1 answer

Issue with Powershell script not filtering by date

I've put together this powershell function to basically pull events from the NPS log (Specifically denied authentication attempts) from the last point the script was run (the $date variable), sort out the IP and date the log entry was written on and…
mitchell2423
  • 25
  • 5
2
votes
0 answers

802.1x WiFi computer (cert) auth against 2008 R2 or 2012 R2 NPS succeeds, fails against 2016 NPS

We have a Meraki wireless infrastructure using 802.1x to authenticate Windows clients against MS Network Policy Server using certificates issued by our internal root CA. The root cert and wireless settings are pushed out via group policy. This has…
Endaar
  • 21
  • 1
2
votes
0 answers

Windows Server 2012R2 RADIUS (wifi) clients won't accept bought wildcard certificate

I've been managing the NPS Server for a while and thought it was time to treat it a valid SSL certificate. The setup I bought a wildcard SSL certificate from comodo, compiled it to an .pfx certificate (including the comodo chain) and installed it on…
Christian
  • 333
  • 7
  • 17
2
votes
1 answer

NPS/RADIUS authentication across one-way trust

I'm trying to set up Windows Network Policy Server to allow RADIUS authentication in a multiple forest scenario with one-way trusts. We have several domains (each in a single domain-forest) containing user accounts, and one domain "OPS" with servers…
carlpett
  • 896
  • 8
  • 17
  • 28
2
votes
2 answers

Monitoring a service that runs as svchost with nagios

What was IAS in Server 03 is now Network Policy Server (NPS) in Server 08. I was able to monitor the service in 03, but have been unsuccessful in figuring out how to in 08. The path to executable states the following…
IOTAMAN
  • 665
  • 2
  • 8
  • 13
2
votes
1 answer

EAP-TLS for Wireless with Active Directory

My question is more from a conceptual point of view, rather than implementation (even though I'm asking about proprietary protocols and products). Assuming I have users and credentials set up in my Active Directory. Users can log in to their…
AndreCruz
  • 71
  • 4
2
votes
1 answer

Cisco Voice VLAN with 802.1X Authentication

I've got a Cisco Catalyst 2960 that I'm trying to configure for a remote office with 802.1X wired authentication. The setup I'm going for is Switch -> VoIP Phone via Internal Switch -> PC/Laptop (Domain Joined Win 7/8). Our authentication server is…
iamacarpet
  • 310
  • 2
  • 12
2
votes
2 answers

How do I use a domain account to connect to a MSSQL server for NPS accounting?

I'm trying to connect a Server 2008 R2 NPS to a MSSQL server for logging accounting data and I'm running into issues. I configured NPS Accounting through the "Configure Accounting" wizard and, using windows integrated security, I was able to connect…
red888
  • 4,069
  • 16
  • 58
  • 104
2
votes
1 answer

Using Windows NPS for Cisco router aaa authentication - is this safe?

I setup RADIUS authentication on a Cisco router and pointed it to a Windows NPS. Now I can ssh into the router my with AD account YAY. But now that I got it working I'm going over the settings to make sure everything is secure. On my router the…
red888
  • 4,069
  • 16
  • 58
  • 104
2
votes
0 answers

NPS RADIUS authentication fails due to user account

We're in the process of migrating our wireless network, adding in 802.11x-based RADIUS authentication. The set up is as follows: Client connects to router01 Client authenticates through RADIUS on a Windows Server Client should get connected (.. or…
Robbietjuh
  • 205
  • 3
  • 14
1
2
3 4 5 6 7 8