Setting up a Radius server

I have setup NPS for Radius / Mac authentication to my Meru Wireless controller, I've created user accounts for my mac clients. The request to connect to the wireless controller is setup and the connection is authenticated on the controller, the controller
then sends the request to the AD Radius server with mac username and password for authentication and it fails. The NPS returns an error that the username and password have a mismatch.

Hi,
First please make sure that the username and password are correct. Do not forget to add the domain name after the username. Normally, it should like
[email protected] or YOURDOMAIN\username.
Please check if the NPS server has been registered in the domain controller. To verify this, please check if the NPS server has been added into the
RAS and IAS Servers group in the domain controller.
If issue persists, please provide the detailed configuration of your Network Policy. It may give some hints.
Best Regards.
Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

Similar Messages

Configuring Cisco Aironet 1140 for Radius and setting up a Radius server

guys i need some help setting up my Radius to work with cisco aironet 1140, i am new at this however i was tasked with setting up a Radius server and setting our AP with WPA2- enterprise so users can log into our AP using AD credentials.
When i try to setup on the AP a new SSID i do not see the option for WPA2- enterprise?

Here are other links with examples:
https://supportforums.cisco.com/thread/331581
http://targetcisco.blogspot.com/2011/03/cisco-autonomous-access-point.html
http://downloads.avaya.com/css/P8/documents/100041614
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"

Access denied when ssh in window server 2008 after set it as radius server

yesterday i succeed to use aaa to login and can see aaa in sh aaa session
https://murison.wordpress.com/2010/11/11/cisco-radius-configuration-with-server-2008-r2/
today i simulate again, it access denied, do not know where is wrong
win 192.168.2.12 --- switch 192.168.2.5 --- 192.168.2.1 R1
R1
conf t
hostname router1
int FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
no shut
end
conf t
ip route 192.168.2.0 255.255.255.0 192.168.2.5
end
enable
configure terminal
enable secret cisco
end
conf t
aaa new-model
username radiusclient privilege 15 password 0 cisco
crypto key generate rsa
ip ssh time-out 60
ip ssh version 2
line vty 0 4
transport input ssh
exit
line vty 5 15
transport input ssh
exit
ip domain-name radius1.local
radius-server host 192.168.2.12
radius-server key cisco
aaa group server radius NPSSERVER
server 192.168.2.12
exit
aaa authentication login default group NPSSERVER local
aaa authorization exec default group NPSSERVER local
exit
R2
conf t
vlan 10
int vlan 10
ip address 192.168.2.5 255.255.255.0
end
conf t
hostname router2
int FastEthernet1/0
switchport
switchport access vlan 10
switchport mode access
shutdown
no shut
end
conf t
hostname router2
int FastEthernet1/1
switchport
switchport access vlan 10
switchport mode access
shutdown
no shut
end
conf t
hostname router2
int FastEthernet1/2
switchport
switchport access vlan 10
switchport mode access
shutdown
no shut
end
R3
conf t
hostname router3
int FastEthernet0/0
ip address 192.168.2.7 255.255.255.0
no shut
end
conf t
ip route 192.168.2.0 255.255.255.0 192.168.2.5
end

Hi,
The configuration looks fine. What do you see in radius server as the reason for authentication failure?
Regards,
Kanwal
Note: Please mark answers if they are helpful.

Radius server not returning Filter-id information to access device

I have set up a Radius server (v. 4.15 16 april 2003) on NW65sp2 server
and I'm trying to use it to authenticate to a Watchguard Firebox II
firewall. The authentication functions but apparently the firewall is
not getting (or not parsing) the Filter-Id information to assign access
rights via groups. When I login to the firewall with "user1", the
response is "Authenticationsucceeded, but no access grantedfor user". If
I define "user1" on the firewall and assign it to an access policy, then
everything works. But if I define an access group "group1" and assign
it to an access policy on the firewall and then assign "group1" to the
eDir Access Profile object that is assigned to "user1", (Filter-Id =
group1) I get the above authentication succesful, but no access granted.
Is there a way to identify exactly what information is being sent from
the Radius server to the access device so I can determine if the problem
is on the Novell Radius server side or the Watchguard Firewall side?
I've activated the Radius Debug Log, but that only tells me that it
finds all the relevant objects in eDirectory and that authentication is
successfull, but there is no indication that any other information is
being sent to the access device.
As I understand it, the filer-id's are supposed to allow a link between
the eDir user objects and what access rights are allowed on the access
device (firewall). Essentially this is how I define group memberships on
the firewall using eDir user. Is this assumption correct?
The goal of course is to allow access over the firewall without having
to type in 500 user names on the firewall.
Any ideas or tips on what I could check or configure differently would
be helpful. thanks
bill reading

thanks for the feedback. I will take a look at the thread you mentioned
and I'll get back to you with the trace as soon as I can arrange it.
Scott Kiester wrote:
> There is a thread titled "RADIUS Group with VASCO Digipass" in this group
> from November where someone else was trying to use the filter-Id attribute
> with their firewall. The customer was able to get this attribute to working
> after tweaking his RADIUS configuration.
>
> Your understanding of the filter-Id attribute is correct. Either the RADIUS
> server is not sending this attribute for some reason, or something on your
> firewall has been misconfigured. A good starting point would be to take a
> sniffer trace to see if the filter-Id attribute is in the access-request
> packet. (You can use Ethereal, which is a free download from
> www.ethereal.com, for the trace.) Post the trace here or send it to me at
> [email protected] and I'll take a look at it.
>
>
>>>>bill reading<[email protected]> 12/07/04 8:36 AM >>>
>
> I have set up a Radius server (v. 4.15 16 april 2003) on NW65sp2 server
> and I'm trying to use it to authenticate to a Watchguard Firebox II
> firewall. The authentication functions but apparently the firewall is
> not getting (or not parsing) the Filter-Id information to assign access
> rights via groups. When I login to the firewall with "user1", the
> response is "Authenticationsucceeded, but no access grantedfor user". If
> I define "user1" on the firewall and assign it to an access policy, then
> everything works. But if I define an access group "group1" and assign
> it to an access policy on the firewall and then assign "group1" to the
> eDir Access Profile object that is assigned to "user1", (Filter-Id =
> group1) I get the above authentication succesful, but no access granted.
> Is there a way to identify exactly what information is being sent from
> the Radius server to the access device so I can determine if the problem
> is on the Novell Radius server side or the Watchguard Firewall side?
> I've activated the Radius Debug Log, but that only tells me that it
> finds all the relevant objects in eDirectory and that authentication is
> successfull, but there is no indication that any other information is
> being sent to the access device.
>
> As I understand it, the filer-id's are supposed to allow a link between
> the eDir user objects and what access rights are allowed on the access
> device (firewall). Essentially this is how I define group memberships on
> the firewall using eDir user. Is this assumption correct?
>
> The goal of course is to allow access over the firewall without having
> to type in 500 user names on the firewall.
>
> Any ideas or tips on what I could check or configure differently would
> be helpful. thanks
>
> bill reading
>
>

RADIUS Server on Mac OS X Server 10.5 Leopard

I must set up a Radius Server on my LAN and WLAN, I will do this with Mac OS X Server v.10.5 Leopard but I don't know if it's compatible with any routers(for LAN and WLAN Access) and with Windows XP Pro SP3 computers.
Can anyone help me????

I know this question is fairly old but I can now state that as of last night I am using a Netgear WN802T - 200 access point paired with the RADIUS service on a Leopard Server.
Leave the "type" of station either blank or other for Netgear.
Accounting does not seem to work and throws errors in the radiusd log, but other than that the Mac clients and iPhones show a WPA2 Enterprise connection.
Your mileage may vary.

Wrv200 and radius server does not work

I am "upgrading" from a dlink di-524 to a wrv200 because I want multiple ssid's. I have my old ssid configured to use the same radius server, port, password, etc. on the wrv200 as on the dlink. When I try to connect it does not authenticate. (Using certificates - wpa2 Enterprise.) The dlink will still authenticate if I plug that back in. The wrv200 seems to be getting to the radius server since it will complain if I change the ip address of the wrv200 to something unexpected. However, the authentication never finishes. It's as if something just does not pass through the router or is dropped. There are no messages on the radius server, not even a rejected or successful message. Does anyone have any ideas on this? I'd hate to have to use 2 routers to add an ssid (I already have 3 in my network.)
Message Edited by Howlie on 12-11-2007 06:48 PM

Sorry to take so long to reply. I'm using freeradius under Fedora 7. Thanks for the url but I already saw that when I was setting up the radius server. I chatted with tech support about the issue and, since I'm using a wrvs4400n with the same radius settings and working, it is probably a firmware issue. I guess I'll have to just wait for the firmware to catch up.
Message Edited by Howlie on 12-15-2007 03:44 AM

Multiple stand alone servers using one radius server?

Hello, I have a question.
I'm working for a company and our problem is we need a username and password for every server.
We would like to set up a Radius server using an extension so it can use a SQL database for the users.
Is it possible to put 1 username and 1 password for each user in this database so we don't need more then one for each server?
Also can we set up policy's for those users so they can't access every stand-alone server.
Kind Regards,
Michael

Hi,
Based on my research, when a RADIUS client (access server) sends connection requests and accounting messages to a RADIUS server, the RADIUS server will sends back an Access-Accept message or sends back an Access-Reject message to authenticate and authorize
the connection requests based on a set of rules and the information in the user account database. The Access-Accept message can contain connection restrictions that are implemented by the access server for the duration of the connection.
In addition, according to your description, it seems that you used the SQL database as the User account database. Did you use NPS as a RADIUS server? If yes, maybe you can configure related network policy to restrict access. I would appreciate it if you can
introduce more detailed information about your environment. The link below may be helpful:
Configuring Microsoft NPS (Network Policy Server) / (Internet Authentication Service)IAS as Wireless LAN Controller (WLC) RADIUS Server
Best regards,
Susie

How to set two radius servers one is window NPS another is cisco radius server

how to set two radius servers one is window NPS another is cisco radius server
when i try the following command, once window priority is first , i type cisco radius user name, it authenticated fail
i can not use both at the same time
radius-server host 192.168.1.3 is window NPS
radius-server host 192.168.1.1 is cisco radius
http://blog.skufel.net/2012/06/how-to-integrating-cisco-devices-access-with-microsoft-npsradius/
conf t
no aaa authentication login default line
no aaa authentication login local group radius
no aaa authorization exec default group radius if-authenticated
no aaa authorization network default group radius
no aaa accounting connection default start-stop group radius
aaa new-model
aaa group server radius IAS
server 192.168.1.1 auth-port 1812 acct-port 1813
server 192.168.1.3 auth-port 1812 acct-port 1813
aaa authentication login userAuthentication local group IAS
aaa authorization exec userAuthorization local group IAS if-authenticated
aaa authorization network userAuthorization local group IAS
aaa accounting exec default start-stop group IAS
aaa accounting system default start-stop group IAS
aaa session-id common
radius-server host 192.168.1.1 auth-port 1812 acct-port 1813
radius-server host 192.168.1.2 auth-port 1812 acct-port 1813
radius-server host 192.168.1.3 auth-port 1645 acct-port 1646
radius-server host 192.168.1.3 auth-port 1812 acct-port 1813
privilege exec level 1 show config
ip radius source-interface Gi0/1
line vty 0 4
authorization exec userAuthorization
login authentication userAuthentication
transport input telnet
line vty 5 15
authorization exec userAuthorization
login authentication userAuthentication
transport input telnet
end
conf t
aaa group server radius IAS
server 192.168.1.3 auth-port 1812 acct-port 1813
server 192.168.1.1 auth-port 1812 acct-port 1813
end

The first AAA server listed in your config will always be used unless/until it becomes unavailable. At that point the NAD would move down to the next AAA server defined on the list and use that one until it becomes unavailable and then move to third one, and so on.
If you want to use two AAA servers at the same time then you will need to put a load balancer in front of them. Then the virtual IP (vip) will be listed in the NADs vs the individual AAA servers' IPs.
I hope this helps!
Thank you for rating helpful posts!

Setting up Radius server on Autonomous1200 series AP

We have two Autonomous AP's (1220B) that we want to communicate with our RADIUS server using Open Authentication with EAP. When this is set to Open Authentication without additions, I can connect to the network, however when it is set to use EAP, and try to reconnect to the network, an error message is displayed saying "Failed to authenticate." The IP Address of the RADIUS server and the shared secret are the same. Can anybody explain why this is please?

I've got a SonicWall configured for L2TP over IPSec VPN. However, I'm not able to login to it using a Windows domain account only local SonicWall users accounts I've created. I get Error 691: (wrong password or authentication protocol not permitted) - I know the password is correct.
I setup the RADIUS Network Policies on the Windows 2012 Server. However I'm not sure what I need to change on the SonicWall. We also have Global VPN clients connecting to the VPN with IKEv2 so I don't want to prevent them from continuing to use the Global VPN client or have to make any changes on those pre-existing clients. We just want the ability for people to also login to the VPN with the native Windows VPN client too via L2TP over IPSec.
This topic first appeared in the Spiceworks Community

Setting Radius server for Airport Extreme

Hi all,
I have AP Airport Extreme. I updated it to the latest version of firmware and Airport utility.
I am trying to set the AP to connect to Microsoft Radius server (Windows server 2003). The problem is that in the security, I don't have WPA/WPA2 Enterprise. I only have WPA/WPA2 personal. I do have option to configure the radius properties (IP, Port, etc'...).
What should I do in order to set my AP to connect to Microsoft Windows server 2003?
Thanks for your help.

About the only one I'm aware of is the D-Link DPR-1260, which supports up to 4 printers. I have the predecessor to this print server, but it was horribly unreliable, requiring a reboot at least once a day, so YMMV. I settled on a Buffalo WLI-TX4-G54HP wireless-to-Ethernet bridge (with built-in 4-port Ethernet switch) and use my Belkin F1UP0001 in Ethernet mode. This combination gives me the option of adding network-enabled printers at a later date.

Set-up Radius Server to ACS 4.2 and AD server

Hi Guys,
I would like to ask help from you on how to set-up Radius server in ACS 4.2 (step-by-step guide or link), wireless client will be authenticated via Active Directory when connecting to our Wireless AP so it means that our Wireless AP is added as client to Radius server.
Thanks in advance!
regards,
Gagamboy

Hi Colin
thanks for your answer, we had the this setting correct. I was able to solve the problem yesterday, we had some faults in the AD mapping.
I didn't know that when I select more AD groups for one ACS group in one step, that the user / host has to be in every of these AD groups (AND conjunction).
Now I only added one AD group for my ACS group and it works. The error message "AD user restriction" was not very helpful for finding this fault ;-)
Regards
Dominic

WLC "radius server overwrite interface" setting

Hello
I'm looking at using "radius server overwrite interface" on a WLAN as a replacement for Called-Station-ID for Radius to match on SSID.
When I enable "radius server overwrite interface" on a WLAN and join a client to the SSID I can see (via packet capture) that the WLC is correctly sourcing the Radius packets with the WLAN's "dynamic" interface IP Address. The problem is that the Radius server doesn't repond to these requests. Radius is configured with rules to match the new IP address but I see nothing (pass or fail) in the logs.
Interestingly, the packet captures shows the correct NAS IP address (the WLAN interface IP Address) but always shows the WLC hostname as NAS-ID (regardless of NAS-ID settings on the WLAN or WLAN interface)
I've tried WLC software 7.4.110.0, 7.4.121.0 and 7.6.100.0 with the same results but Radius never responds. Radius is Cisco ACS 5.5.0.46. Any ideas as to why this is happening?
Thanks
Andy

Hi Scott
installed ACS 5.4 0.46.6 and I still have the same problem - ACS doesn't respond to request from WLC when "radius server overwrite interface" is enabled on WLAN and nothing appears in the logs. With "radius server overwrite interface" disabled on the WLAN, authentication is a success and I can see this in the logs.
I had a look a the packet captures I took earlier and the attributes in the Access-Request look ok - the only attribute I wasn't sure about was Message-Authenticator. Found this ietf document http://www.ietf.org/rfc/rfc2869.txt which mentions "silent discards" of Radius packets with non existent or incorrect Message-Authenticator attributes. I'm not sure if this is what I'm seeing on ACS when it receives the "radius server overwrite interface" Access-Request packets. ACS is under contract so I will contact TAC about this.
Mt production ACS cluster was upgraded from latest version of 5.3 to 5.5 with no loss of historic logs (logging after upgrade worked fine also). The upgrade did take a while with the log-collector. When it had completed I checked the Data Upgrade Status under Monitoring configuration and it showed that the upgrade was successful.
Thanks for your help with this.
Cheers
Andy

Can't authenticate Mac VPN client from RADIUS server

Hello,
I'm a real noob here so please bear with me.
I have been able to configure my PIX 515E to allow VPN connections onto my network, but what I need to do is set up some sort of user authentication to control access at a user level. From what I've read here and in the Configuration Guide I should be able to do this authentication with a RADIUS server. I'm running a Corriente Networks Elektron Security server which has RADIUS server capabilities. It is running on my (inside) interface at IP 192.168.10.26.
I thought that I had everything configured properly but it never seems to authenticate. I connect, the XAUTH window pops up, I add my username and password as it's configured on my RADIUS server, but when I click OK it just cycles the progress bar at the bottom and eventually times out. The client log doesn't show me anything and the log on the RADIUS server shows me nothing. Any ideas? this seems like it should be simple because I can connect until I attempt to authenticate to the RADIUS server.
TIA for any direction you can provide me.
Christine

If it helps, here is my config with a some of the non-related bits deleted:
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 DMZ security50
enable password ********* encrypted
passwd ******* encrypted
hostname pixfirewall
domain-name acme.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol http 80
fixup protocol http 82
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
access-list inside_outbound_nat0_acl permit ip any 192.168.10.0 255.255.255.0
access-list inside_outbound_nat0_acl permit ip host 192.168.10.26 192.168.10.192 255.255.255.224
access-list inside_outbound_nat0_acl permit ip host 192.168.10.69 192.168.10.192 255.255.255.224
access-list outside_cryptomap_dyn_20 permit ip any 192.168.10.0 255.255.255.0
access-list outside_cryptomap_dyn_40 permit ip any 192.168.10.192 255.255.255.224
mtu outside 1500
mtu inside 1500
mtu DMZ 1500
ip address outside 207.XXX.XXX.130 255.255.255.0
ip address inside 192.168.10.1 255.255.255.0
ip address DMZ 192.168.100.1 255.255.255.0
multicast interface inside
ip audit info action alarm
ip audit attack action alarm
ip local pool CBI_VPN_Pool 192.168.10.201-192.168.10.220
pdm location 192.168.10.50 255.255.255.255 inside
pdm group CBI_Servers inside
pdm logging warnings 100
pdm history enable
arp timeout 14400
global (outside) 200 interface
global (DMZ) 200 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 200 192.168.10.0 255.255.255.0 0 0
static (inside,outside) 207.XXX.XXX.150 192.168.10.27 netmask 255.255.255.255 0 0
static (inside,outside) 207.XXX.XXX.132 192.168.10.26 dns netmask 255.255.255.255 0 0
access-group 100 in interface outside
route outside 0.0.0.0 0.0.0.0 207.XXX.XXX.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server radius-authport 1812
aaa-server radius-acctport 1812
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server RADIUS (inside) host 192.168.10.26 ************* timeout 10
aaa-server LOCAL protocol local
http server enable
http 192.168.10.3 255.255.255.255 inside
no floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-DES-MD5
crypto dynamic-map outside_dyn_map 40 match address outside_cryptomap_dyn_40
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map client authentication RADIUS
crypto map outside_map interface outside
crypto map inside_map interface inside
isakmp enable outside
isakmp nat-traversal 3600
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
vpngroup Test_VPN address-pool CBI_VPN_Pool
vpngroup Test_VPN dns-server 142.77.2.101 142.77.2.36
vpngroup Test_VPN default-domain acme.com
vpngroup Test_VPN idle-time 1800
vpngroup Test_VPN authentication-server RADIUS
vpngroup Test_VPN user-authentication
vpngroup Test_VPN user-idle-timeout 1200
vpngroup Test_VPN password ********
ssh timeout 5
console timeout 0
dhcpd address 192.168.10.100-192.168.10.254 inside
dhcpd dns 142.77.2.101 142.77.2.36
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside

Using RSA RADIUS Server and WLC 7.4 to dynamically asssign users to VLAN

Hello,
What we are trying to do:
John logs on to wifi using RSA fob for password. RSA sends back auth request with attibutes to WLC 7.4 that magically knows how to interpret the attributes and puts John on vlan 10. Mary logs on with her fob and gets put on VLAN 20.
We dont have ISE. We dont have ACS. We have RSA Authentication Manager 7.0
We have looked high and low for documentation for this kind of setup and we find stuff that is close to a match but not quite.
Here is what we are seeing
1. dynamic vlan assignment is not working -- radius server is set with the attributes
2. RSA authentication works
3. John and Mary are always put into the VLAN where the MGMT interface is
4. I can see that attributes are making it back to the WLC by sniffing
We are stuck at this point. Any help would be much appreciated,
P.

Here is a little more background:
We have created a dynamic interface in VLAN 157
Wireless LAN has been assigned to MGMT interface which is on VLAN 35
This is a VWLC ver 7.4.100
AP is attached to VWLC (only FlexConnect mode is supported)
RADIUS Server has been configured
Users are getting assigned to VLAN 35
Also I have attached some screenshots and two packet captures so you can see what the RSA is sending back with your own eyes
I dont see any atttributes in the capture when RSA sends to the VWLC
I see attributes in the capture when RSA send to my local RADIUS Client (My PC)
And to answer your question we have sending a VLAN ID (157)

Bridging a WPA2 Enterprise Radius Server (Lion Server) to Apple TV

Hello,
I was wondering if anyone can help me out with this setup that I have with Lion Server. Recently I set up my Airport Extreme to use Radius and bind it to my Lion Server for Authentication. Radius works with most of my devices, except for my ATV2 (which is in a different room from the AIrport Extreme.) As most of you may know, ATV2 doesn't support WPA2 Enterprise networks.
Ideally what I would like to do is have the Apple TV connect to my wireless network for all of my videos that are shared on a HD connected to my Lion Server. I was thinking about looking for a WPA2 enterprise wireless bridge with an Ethernet port so that I can connect the ATV to the bridge and have the bridge connect to my Airport Extreme. However, here is what I can not figure out. How can I get that bridge to authenticate to the Radius Server on Lion Server? From my understanding the Radius service on the Lion Server uses its own proprietary radius server to where I couldn't get the bridge to cnnect.
Please let me know your thoughts. If it helps, I have a 1st generation TC that I can place in the other room. However, I couldn't see any functionality in Airport Utility that would allow me to bridge that box to the WPA 2 Enterprise network.

Hello,
I was wondering if anyone can help me out with this setup that I have with Lion Server. Recently I set up my Airport Extreme to use Radius and bind it to my Lion Server for Authentication. Radius works with most of my devices, except for my ATV2 (which is in a different room from the AIrport Extreme.) As most of you may know, ATV2 doesn't support WPA2 Enterprise networks.
Ideally what I would like to do is have the Apple TV connect to my wireless network for all of my videos that are shared on a HD connected to my Lion Server. I was thinking about looking for a WPA2 enterprise wireless bridge with an Ethernet port so that I can connect the ATV to the bridge and have the bridge connect to my Airport Extreme. However, here is what I can not figure out. How can I get that bridge to authenticate to the Radius Server on Lion Server? From my understanding the Radius service on the Lion Server uses its own proprietary radius server to where I couldn't get the bridge to cnnect.
Please let me know your thoughts. If it helps, I have a 1st generation TC that I can place in the other room. However, I couldn't see any functionality in Airport Utility that would allow me to bridge that box to the WPA 2 Enterprise network.

Setting up a Radius server

Similar Messages

Maybe you are looking for