Skip navigation

Radius setup with Windows

2774 Views 8 Replies Latest reply: Mar 4, 2013 3:30 PM by marcotul RSS
jeffyyy Level 1 Level 1 (0 points)
Currently Being Moderated
Mar 2, 2011 3:23 PM
I am trying to setup the RADIUS server and I am able to get everything configured with my TimeCapsule/Airport Station successfully so that all of my macs and iOS devices can login and access the network. However, windows clients (Running Windows 7) are not able to connect, all I get is a Cannot Connect to Network error, any ideas?
Mac Mini, iPhone 4, Other OS
  • ethero Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 18, 2011 9:03 AM (in response to jeffyyy)

    I'm having the same exact issue. I wish I could just get a rundown of what type of encryption, radius type, etc that I need to put into the windows client in order to get it to connect. There is like NO information on this topic.

  • techgal Level 1 Level 1 (5 points)
    Currently Being Moderated
    Nov 18, 2011 12:16 PM (in response to ethero)

    Any solution to your problem? What did you eventually do ethero? I am having the same issue. Radius servers in 3 highschools, no windows machines able to connect as there is absolutely no documentation out there on this topic.

  • techgal Level 1 Level 1 (5 points)
    Currently Being Moderated
    Nov 18, 2011 12:17 PM (in response to techgal)

    BTW, I paid for apple enterprise support and they were unable to help. There must be someone out there authenticating to leopard radius with windows.

  • ndutyme Level 1 Level 1 (0 points)
    Currently Being Moderated
    Nov 21, 2011 9:15 PM (in response to jeffyyy)

    I got it working on Windows 7 and Windows XP after long and hard fiddling. To get Windows 7 to connect, I found the easiest way was to start from scratch by creating a new wireless connection instead of trying to join a wireless network that shows up in the list of available networks to connect to.

     

    Open Network and Sharing Center.

    1. Select Manage wireless networks in the left menu.
    2. Click the Add button, and select Manually create a network profile.
    3. Enter following data, as shown in the image below, then click Next:
      • Network name: YOURNETWORKNAME
      • Security type: WPA2-Enterprise
      • Encryption type: AES
      • Security Key: <leave blank>
      • If you want your computer to automatically select CAEN whenever it is available, check Start this connection automatically:
    4. You will see a window that says Successfully added YOURNETWORKNAME. Do not close this window yet. Click Change connection settings
    5. In the YOURNETWORKNAME Wireless Network Properties window, select the Security tab:
    6. In the drop-down menu for Choose a network authentication method, select Microsoft: Protected EAP (PEAP).
    7. If you do not wish to enter your password each time you connect, check the box next to Remember my credentials for this connection each time I'm logged on.
    8. Click the Settings button.
    9. In the Protected EAP Properties window (shown below), uncheck the Validate server certificate box.
    10. Make sure the box next to Enable Fast Reconnect is checked.
    11. Under Select Authentication Method, select Secured password (EAP-MSCHAP v2), and click the Configure... button.
    12. Uncheck Automatically use my Windows logon name and password (and domain if any), and click OK
    13. Click OK, to close the Protected EAP Properties window, and return to the YOURNETWORKNAME Wireless Network Properties window.
    14. Click the Advanced settings button.
    15. In the 802.1X settings tab, check the box next to Specify authentication mode and select User authentication from the drop-down menu
    16. Click OK to close the Advanced settings window, and click OK again to close the YOURNETWORKNAME Wireless Network Properties window.
    17. If you are in range of a YOURNETWORKNAME wireless access point, you will be automatically be prompted to Enter/select additional logon information
    18. When prompted for Network Authentication, enter your username and password

     

    I was also able to get our other Netgear wireless access points to work with Snow Leopard Server's Radius authentication. Under Server Admin->RADIUS->Base Stations:

    1. Click the PLUS button
    2. Give it a name you want (like model/location)
    3. In the Type field put "other" without the quotes
    4. Put in the IP address of the access point
    5. Enter a Shared Secret for this access point

     

    Hope this helps as it was hard to find and figure out all this stuff on our own. Figured it was my turn to pay back to the forums

  • techgal Level 1 Level 1 (5 points)
    Currently Being Moderated
    Feb 2, 2012 1:50 PM (in response to ndutyme)

    Thank you for this!!! Yes, absolutely zero documentation on this problem... unbelievable.

  • NCgeek Level 1 Level 1 (0 points)
    Currently Being Moderated
    Mar 5, 2012 9:36 PM (in response to jeffyyy)

    Thank you so much for taking the time to share and document this!  You just saved me a lot of time!

     

    -Keith

  • dreamfelix Level 1 Level 1 (0 points)
    Currently Being Moderated
    Feb 17, 2013 8:38 PM (in response to ndutyme)

    Your right. Problem solved! Thanks a lot!

  • marcotul Level 1 Level 1 (0 points)
    Currently Being Moderated
    Mar 4, 2013 3:30 PM (in response to ndutyme)

    I followed these steps exactly and nothing.  I get tls session failed in radius log. Running 10.6.8 server.  I don't see a way to change the ttls/ tls setting in radius configuration. How did you all get these settings to work?  Also I ended up hardwiring Apple TV due to complications with not having a new enough os to run apple configurator to upload a connection file...  Anyway sorry that's off topic.  Any suggestions?  Did all the people claiming it works all have the asme network adapter on the windows side?

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.