I want to set the Network Policy Server (RADIUS) in Windows Server 2012 to authorize the MAC for Unifi.
The problem is that the server prompts you for a user name and password when trying to connect.
The name should be the MAC address of the device, and the password is not. I changed a value in the registry.
What am I doing wrong?
Sorry for my bad language. I used Google Translator
Hi
Could you check these articles about;
Enchange your 802.1x deployment security with MAC filtering
http://blogs.technet.com/b/nap/archive/2006/09/08/454705.aspx
MAC address Authorization
https://technet.microsoft.com/en-us/library/dd197535(v=ws.10)..aspx
- Proposed as answer by Leo HanMicrosoft contingent staff, Moderator Friday, June 19, 2015 8:04 AM
Thanks for your answer.
1. In steps writes "Join the machine to the domain." Is it necessary? I do not have that option. Users (MAC addresses) will be charged to the group in AD, but the machines are not connected to the AD.2. What type of authentication you choose?
4. Do I have to change back the value in the registry and instead use the account names mentioned values?
I am a novice administrator, so please bear with us.
Hi
1-it is for machine authentication,not must to join to domain.
2-Try to with EAP
3-you should edit "Calling-Station-ID" on users properties,dial-in tab,if you need to also edit registry can able to revert this settings.
Hi Unnamed123,
Agree with Burak. He gave the right steps to follow.
Here are some references
MAC Address Authorization:
https://technet.microsoft.com/en-us/library/dd197535%28WS.10%29.aspx?f=255&MSPPError=-2147217396
Network Policy and Access Services:
https://technet.microsoft.com/en-us/network/bb545879.aspx
Best Regards,
Leo
Hello and thank you again
for your answers,
Leo,
In your first link in the first step
writes to enable MAC authentication
on the AP. My configuration
is as follows:
I suspect that the problem prompted for a user name and password is WPA2 for Unifi. I think that the message generates Unifi system before connecting to the NPS. What do you think?
Best Regards