Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, May 13, 2014 7:16 PM | 1 vote
We have a requirement from a customer of ours to stand up a Radius server using RADSEC (Radius over TLS). Does MS support this configuration, or will we have to bring up a third party solution, such as Radiator?
We'd prefer to use NPS for this.
All replies (6)
Thursday, May 15, 2014 5:47 AM âś…Answered
Hi,
Yes, the NPS suppor the EAP-TLS authentication. You can following the following steps to create the wireless EAP-TLS or PEAP-TLS authencation.
1. Configure the certificate infrastructure.
2. Configure Active Directory for accounts and groups.
3. Configure the wireless Access Point.
4. Configure the NPS server on a computer.
5. Configure Wireless Network (IEEE 802.11) Policies Group Policy settings.
6. Configure wireless clients for EAP-TLS or PEAP-TLS.
The related article:
Creating a secure 802.1x wireless infrastructure using Microsoft Windows
Hope this helps.
Tuesday, May 20, 2014 1:51 AM
Hi,
I would like to check if you need further assistance.
Thanks.
Wednesday, June 11, 2014 3:35 PM | 1 vote
The answer from Alex Lv has mis-understood the question, RADSEC (http://tools.ietf.org/html/rfc6614) isn't the same thing as EAP -TLS.
I too would like to know if NPS supports RADSEC.
Friday, June 13, 2014 8:12 AM
You can evaluate TekRADIUS; http://www.kaplansoft.com/tekradius
TekRADIUS supports TCP (RFC 6613) and TLS (RFC 6614-RadSec) transports.
Friday, June 13, 2014 8:40 AM
With NPS something like radsecproxy might be your best bet.
Sunday, February 25, 2018 10:47 PM
Can we get an update on this? It's not right that Alex Lv from MS marked his own post as the answer. We need someone at MS that knows what RadSec is to provide a relevant answer.