This a demo for essential configuration steps to authenticate wireless clients using 802.1x- Unleashed by configuring NPs policy on a Windows server.
1- Make sure the server has the necessary basic features installed.
2-Navigate to the Network Policy Server tab, access NPS (local), and choose the 'Radius server for 802.1x' option for both wireless and wired connections. Finally, select 'Configure 802.1x'
3-In this step, select 'Secure wireless connections' and customize the policy name to your preference. In this case, append 'DEMO' at the end of the policy name.
4-In this step, you need to configure the Radius Client by providing a friendly name, entering the IP address of the master Access Point, and optionally setting a password or using a password generation tool. Remember to save this configuration as it will be used in Step 9.
5-In this step, choose 'Microsoft Protect EAP (PEAP)' as the network access method
6- Next, leave the remaining options at their default settings, and conclude the configuration by clicking on the 'Finish' button.
7-Configure the “Connection Request Policies”
To configure the connection request policy, navigate to the 'Policies' section. Then, access the 'Connection Request Policy' folder and locate the policy is created with the same name. Double-click on it to access its properties. In the 'Properties' window, navigate to the 'Conditions' tab. Remove the 'Current' condition and any others if present. Add the 'Time' condition and select 'Permit all time'. Finally, click 'Apply' and then 'OK' to save the changes.
8-Configure Network policies
To configure the Network Policies access to “Network Policy” folder and locate the policy is created on the folder and locate the policy is created with the same name. Double-click on it to access its properties. In the 'Properties' window for this example, I choose to ignore the user properties dial and proceed to the 'Conditions' section. Here, I add the 'User Groups' option to use the Active Directory users.
In this part, you have the option to either use an existing group and its users or create a new group along with its users.
How to create a group and users
Navigate to the Active Directory of users and computers, then left-click on it. Next, select 'New,' followed by 'Group,' and proceed to fill in the required information.
How to create an user
Navigate to the Active Directory of users and computers, then left-click on it. Next, select 'New,' followed by 'user’, and proceed to fill in the required information (username and password ).
In this case, we need to edit the 'Member of' properties of this user. Since I want this user to belong to the earlier created 'DEMO' group, we navigate to the user's properties, specifically the 'Member of' section. Subsequently, we add the group and configure it as the primary group.
Continue with the network policies configuration next, we will select the desired group and proceed to the 'Constraints' tab. Here, we will add CHAP as the authentication method.
In the Unleashed configuration, navigate to 'Admin and Services' and then 'Services.' Click on the plus (+) sign to add the RADIUS server and fill in the information based on the configuration we completed in Step 4. Ensure that the IP address points to the RADIUS server.
10- WLAN Creation
Navigate to 'Wi-Fi Networks' and select the tab for creating a wireless network. Fill in the necessary information accordingly. In this step, the only addition is to include the server that we created in Step 9 as the authentication server.
After creating the wireless network, it's important to check the connectivity. Connect to the network and when prompted, enter the credentials of the created DEMO-USER along with the corresponding password. If the credentials match, you should be able to connect to the network without any issues.