cancel
Showing results for 
Search instead for 
Did you mean: 

Setup 802.1x on WiFi network using Ruckus Cloud

david_levine
New Contributor III

Hi all,

I am trying to get 802.1x working on our ICX switches and on our WiFi. 

All switches and APs / WiFi networks are managed in Ruckus Cloud.

I have configured a test wireless network for Enterprise AAA (802.1x), and have a RADIUS server setup (Windows 2019 with the NPS role). 

When I try to connect to the WiFi network, I get prompted for my username and password, but I don't get past that, and cannot connect.

I am completely new to this; Is there any testing tool or tips that might help? 

I have added all our APs as RADIUS clients in the NPS server, and have double checked the shared secret.

I have created a basic Network Policy in the NPS server; grant access to domain users, Microsoft PEAP w/ MS-CHAP-v2. Nothing special... just trying to get username/password auth to connect to the WiFi.

When trying to connect from a laptop, I get prompted for username and password, but cannot successfully auth. Pretty much same behavior if trying from a domain joined laptop or a non domain joined laptop.

Any tips are much appreciated!

1 ACCEPTED SOLUTION

david_levine
New Contributor III

So, a little embarrassing, but it looks like stuff started working once I set the local Windows firewall on the NPS server to allow all incoming connections. 

This is strange because - when installing / configuring the NPS role - the corresponding allow rules were automatically created (I had double checked that a few times while working through this process). So, maybe there is some port requirement other than UDP 1812, 1645, 1813, 1646... and TCP 135 and RPC Dynamic Ports...

Image_ images_messages_60954a4e131c1e0a9578d940_0899f232ad20d20bcc98a9aba8e70fe8_NPSfirewallrules-f23f1493-5d4b-4a05-9512-f5881d02457f-1987452671.png

Anyone run into this before?

Thanks!

View solution in original post

14 REPLIES 14

Hi David,

If you can please open a support case and confirm the case number, we will be happy to assist you.

Or

Could you please enable support on your Cloud account.


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn

david_levine
New Contributor III

So, a little embarrassing, but it looks like stuff started working once I set the local Windows firewall on the NPS server to allow all incoming connections. 

This is strange because - when installing / configuring the NPS role - the corresponding allow rules were automatically created (I had double checked that a few times while working through this process). So, maybe there is some port requirement other than UDP 1812, 1645, 1813, 1646... and TCP 135 and RPC Dynamic Ports...

Image_ images_messages_60954a4e131c1e0a9578d940_0899f232ad20d20bcc98a9aba8e70fe8_NPSfirewallrules-f23f1493-5d4b-4a05-9512-f5881d02457f-1987452671.png

Anyone run into this before?

Thanks!

Hi David,

Good to know that its working now!

I have not seen similar issue, may be windows server experts can give more insights on this.

For Cloud Analytics, are you still getting error? If yes, could you please try to create a new test venue and see if error goes away on Analytics?


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn

Analytics is working - and finding client info helped - I was able to see my test laptop connect and try to do PEAP, and that the RADIUS server was not responding.

However it seems that there is some delay in when data is visible in analytics... is this normal? 12-24 hours?

Thanks,

Hi David,

I am glad to know that both the issues has been fixed!

Yes, on a new account, there could be some delay but not 12-24 hrs.

Wait for some time as Analytics seems started getting data recently (you were getting error yesterday on GUI and that was mostly because connection profile was not created correctly).


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn