FQDN, external dns name & wlan certificate

Status
Not open for further replies.

sgwisby

Technical User
Apr 13, 2005
148
US
We set up a wireless network with a Windows Server 2003 as the IAS server. We purchased a certificate from Verisign and at that time indicated that the Common Name (FQDN) for the cert would be the server name with the external DNS suffix (maybe it should have been the internal DNS name).
Does the cert name have to match the internal FQDN for the IAS server?
The external DNS name is recognizable from inside the network, so I would think that the clients would get authenticated, but they are not.

Thanks
David
 
Don't quite understand what you are doing. Can you elaborate? Here's what I think so far.

The IAS server is a RADIUS server, used to authenticate "remote" users on your network. The RADIUS server will, I think, authenticate users who connect to a specific IP; if your server has 2 IPs, one internal, one external, then only users external to your network connecting to the external IP will be authenticated. Users on your LAN should authenticate using either local accounts or domain accounts. I haven't used Windows RADIUS but I'm sure I'm right, I could also be wrong. It all depends on what you're trying to achieve?

Dave
 
Actually, we are using the RADIUS server for wireless access on the LAN authenticating against AD using PEAP.
When I started this I was unfamiliar with RADIUS, IAS and certificates and was told to set the server up with an external DNS record (now I realize this was not necessary).
At that time I used the external DNS FQDN for the certificate to use for authenticating wireless clients.
This will not be used to authenticate external users or for VPN, just wireless.
I read where you could use an alias DNS suffix for the server and it should work with the server side cert, however I have a problem with authentication and it appears to be between the WAP client and the authentication protocol.
Thanks for your time,
David
 
Looks like you need someone with more RADIUS experience than me. Good luck!
Dave
 
Thanks anyway Dave. Your efforts are appreciated.

David
 
Certificate was set up and imported properly, however the wireless cards needed to be set to 'Use Windows to configure wireless network settings' under the wireless network connection properties. All along we thought it was a problem with communications between the access point and the authentication protocol, but it was really the wireless card config.
Thanks to everyone who responded.
David
 