Radius authentication with certificate and credentials ?

  • 1
  • Question
  • Updated 3 weeks ago
  • Answered
Hello, is it possible to have wifi users from Windows 10 authenticate via RADIUS with machine certificate, then also via username/password prompt ?
Not sure if you can authenticate with two consecutive methods like this via SmartZone 802.1x.
I would be using Windows NPS as the RADIUS server.
Photo of philip francis

philip francis

  • 57 Posts
  • 0 Reply Likes

Posted 1 month ago

  • 1
Photo of Abi

Abi

  • 86 Posts
  • 44 Reply Likes
Hi Philip,


No, instead you can use DPSK; which is as secured as 802.1x and passphrase is tied to Mac address of the client.


Currently, authentication is supported Cert or Password and I think the Windows client machine can either be configured to username and password or cert but not both, is it something added newly on Windows 10 ?


Thnak you,


Regards

Abi
(Edited)
Photo of Vineet Nejawala

Vineet Nejawala, Employee

  • 35 Posts
  • 16 Reply Likes
Hi Philip,

You can configure an NPS policy that include "User group" and "Machine group" under conditions although the NPS will only allow authentication through either a computer authentication or user authentication but not both. 

Best Regards
Vineet 
Photo of Babar Gondal

Babar Gondal

  • 5 Posts
  • 1 Reply Like
Hi Philip,
First sorry for late reply,

Yes with windows 10 you can you can authenticate a machine to connect to network (Wifi) then a user has to authenticate to login to machine. (it works same as wired machine)
I have tested it with NPS radius server successfully and it works perfectly.

In my case i am using this method for shared laptops.

Thanks,
Babar