Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Wireless Radius Authentication

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Wireless Radius Authentication Page: [1]
Login
Message << Older Topic   Newer Topic >>
Wireless Radius Authentication - 26.Jul.2005 6:50:00 AM   
matthewhart

 

Posts: 5
Joined: 26.Jul.2005
From: England
Status: offline 		Is there anyway to allow PEAP/RADIUS traffic from a Netgear AP (WPA/RADIUS) through an ISA to an internal radius server (IAS)

It works without the ISA server on the same network but if you separate the clients and AP onto a separate network it can't authenticate

This is the basic layout of what I want

CLIENT LAPTOP >> AP >> ISA << RADIUS SERVER

I have access rules to allow all traffic from the

Local host to internal/wireless
Internal to local/wireless
Wireless to internal/local

Wireless and internal have a route relationship

Please help I can't find any thing on this.

Tom I have all the books if it is in there somewhere
Post #: 1
RE: Wireless Radius Authentication - 26.Jul.2005 8:41:00 AM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		What does the Monitoring\Logging function show for the RADIUS Traffic? Use the Live logging function and add a "Client IP" and specify the APs address to help limit the results.

(in reply to matthewhart)
Post #: 2
RE: Wireless Radius Authentication - 26.Jul.2005 9:57:00 AM   
matthewhart

 

Posts: 5
Joined: 26.Jul.2005
From: England
Status: offline 		No traffic at all :-(

So I tried to install the IAS server on the ISA server itself, it works perfectly.

Do you think it is the wireless APs?

If you specify an address outside the subnet it sends no traffic, but when you specify the address of the ISA server it works perfectly (wireless interface i.e. same subnet)

(in reply to matthewhart)
Post #: 3
RE: Wireless Radius Authentication - 26.Jul.2005 10:21:00 AM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		Who is the Default Gateway of the Netgear AP? It sounds like it doesn't know where to go if the RADIUS Server is off its subnet.

I wonder if you took a network trace from the ISA Server if you would see the AP ARPing for its Default Gateway or at least ARPing for some other device as it tries to contact the RADIUS Server.

(in reply to matthewhart)
Post #: 4
RE: Wireless Radius Authentication - 26.Jul.2005 11:20:00 AM   
matthewhart

 

Posts: 5
Joined: 26.Jul.2005
From: England
Status: offline 		The default gateway is set to the isa interface i thought the same thing. The AP log just has "timed out" so something isn't right but the ISA log is empty.

(in reply to matthewhart)
Post #: 5
RE: Wireless Radius Authentication - 26.Jul.2005 11:32:00 AM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		Well, about the only other thing I can suggest is the Network Monitor trace of the AP attempting to communicate. You should at least see the ARP request from it.

(in reply to matthewhart)
Post #: 6
RE: Wireless Radius Authentication - 26.Jul.2005 4:20:00 PM   
matthewhart

 

Posts: 5
Joined: 26.Jul.2005
From: England
Status: offline 		ok, thanks for the suggestions they have been really helpful. At least it works on the ISA server that will get me started.

(in reply to matthewhart)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Wireless Radius Authentication Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts