A

4 Messages

 • 

102 Points

Fri, Apr 16, 2021 6:42 PM

802.1X using EAP TLS

RADIUS Client:  Ruckus R710 Unleashed

RADUIS server with NPS - Windows Server 2016

When I configure the AAA Servers on unleashed and set TLS to enable the shared secret greys out and is inaccessible. 

How can I know the shared secret so I can configure that on the RADUIS server?

 

Official Rep

 • 

1.3K Messages

 • 

17.7K Points

7 m ago

Hi Aaron,

Could you confirm what it the Unleashed software version.

9 Messages

 • 

150 Points

I see the same in my Unleashed,

Ver: 200.9.10.4.212

4 Messages

 • 

102 Points

I figured it out.  If you click on the eye symbol it reveals the shared secret.  Mine shows radsec as the shared secret.

4 Messages

 • 

102 Points

I have a test network which includes the following:

1. Ruckus R710 Unleashed version 200.9.10.4.233

2. Microsoft Server 2016 configured as a DC, Radius, NPS, CA, DHCP, and DNS.

My goal is to test setting up wireless authentication using 802.1x EAP-TLS.

I have the following devices that need to authenticate:

1. non domain devices (iPads)

2. domain devices (windows 10 pc's)

Does anyone have good information on setting this up?  

I was able to configure the PC using EAP without TLS, but when TLS is turned on it won't connect. 

(edited)

Official Rep

 • 

1.3K Messages

 • 

17.7K Points

Hi Aaron,

I hope you have pushed the certificate to end user machines and configured the radius policy correctly.

Here is an article explaining windows NPS policy config for TLS.

https://support.ruckuswireless.com/articles/000002428

Regards,

Syamantak Omer

Official Rep | Staff TSE | CWNA | CCNA | RASZA | RICXI

Follow me on Linkedin

4 Messages

 • 

102 Points

Thanks for the document, it is a bit outdated as the last 4 instructions do not match Server 2016, however it explains enough. 

Yes I am trying to figure out if I did the cert part correct or not.  That may be the issue.  I am researching how to create a cert with 2016 and issue via Group policy (or for the ipads via JamF MDM).  

Important Announcement