Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can't figure out how to setup Mac Authentication with MS 2k3 IAS..

Status
Not open for further replies.
33788

33788

IS-IT--Management
Mar 15, 2005
97
US
Does anyone have step by step instruction or know of a site that has the step by step instructions on configuring MS 2k3 IAS to do Mac Authentication. I've got EAP going good on the IAS. I'm using a Cisco Aironet 1240AG. Just wanted to put i another added security feature. Any help would be appreicated. Thanks.
 
Sort by date Sort by votes
First of all thanks for the response jdeisenm. I'm using EAP (IEEE 802.1x Authentication, PEAP, WEP, MS-CHAP-V2). The AP is getting a cert. from the cert. server. A user has to put in their AD user name and password to gain access to any wireless. I'm not broadcasting the SSID, it's all internal. The AP is on a different VLAN with ACL's. It's also currently doing just local MAC Address authentication so I'm manually putting them in. Since everything is working out good I was thinking about adding 2 more Cisco 1240AG's. I'd like to just have one central location where all the AP's can look at for MAC address authentication. So the EAP part works fine just can't figure out the MAC Address peice with MS Windows 2003 IAS. Thanks and excuse my terminology, I'm still new to this stuff.
 
Upvote 0 Downvote
presuming you have the ap set correctly, make a domain account that has the mac address all lower case xxyyzz112233 then copy /paste the mac address into the password field
 
Upvote 0 Downvote
Okay jdeisenm, I've done that and have told the Cisco AP now to look at the IAS W2K3 for Mac Authentication instead of the local list. Is their anything I have to do on the IAS end though? Do you know of a way to verify if the Mac Authendication worked? Also in the domain account is their any other settings or is it all MAC address for username and password? Thanks ahead.
 
Upvote 0 Downvote
presuming you have the ap set correctly, make a domain account that has the mac address all lower case xxyyzz112233 then copy /paste the mac address into the password field
Click to expand...

Can you confirm this works? I have never seen IAS used for MAC Authentication before and didn't think this would work.
Have you any URLs with details of this?

Andy
 
Upvote 0 Downvote
Are you doing accounting or logging of the radius AAA? What does it say? My experience with was with Funk/Juniper Steel Belted Radius and an Windows 2K domain. The radius accounting log showed the authentication result. If the password got entered and saved incorrectly, the account would lock out. I'm not too familiar with IAS does. Does one define a windows group? Do the mac account need to be in that group?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ntue
  • Question
Mikrotik Bulk Users Setup
Replies
1
Views
1K
loki88
loki88
DTGMI
  • Locked
  • Question
Netgear Nighthawk M6 Pro - Need to add ext Antenna
Replies
0
Views
205
DTGMI
DTGMI
mwiinde
  • Locked
  • Question
How to Send Data Packet From Ms Access 2016 to Rs 232 Serial Port
Replies
0
Views
100
mwiinde
mwiinde
hipath4k
  • Locked
  • Question
WIFI router with inbuilt multiple user login and password
Replies
0
Views
94
hipath4k
hipath4k
smittywes38
  • Locked
  • Question
Unable to print to wireless printer connected to VPN
Replies
0
Views
93
smittywes38
smittywes38

Part and Inventory Search

Sponsor

Back
Top