Checklist: Configure NPS for 802.1X Authenticating Switch Access
Applies To: Windows Server 2008
Configure NPS for 802.1X authenticating switch access
This checklist provides the steps required to deploy 802.1X authenticating switches with Network Policy Server (NPS).
Task | Reference |
---|---|
Install and configure 802.1X authenticating switches on your network. |
RADIUS Server for 802.1X Wireless or Wired Connections and your hardware documentation |
Determine the authentication method you want to use. |
RADIUS Server for 802.1X Wireless or Wired Connections; Certificate Requirements for PEAP and EAP; EAP Overview; PEAP Overview; and your hardware documentation |
Autoenroll a server certificate to NPS servers or, if you are using PEAP-MS-CHAP v2 only, optionally purchase a server certificate rather than deploying your own CA. |
Deploy a CA and NPS Server Certificate and Obtaining and Installing a VeriSign WLAN Server Certificate for PEAP-MS-CHAP v2 Wireless Authentication (https://go.microsoft.com/fwlink/?LinkId=33675) |
If you are using EAP-TLS or PEAP-TLS without smart cards, autoenroll user certificates, computer certificates, or both user and computer certificates, to domain member client computers. |
Deploy Client Computer Certificates; Deploy User Certificates |
Configure 802.1X wired clients using Group Policy. |
Configure 802.1X Wired Clients Running Windows Vista with Group Policy |
Configure 802.1X authenticating switches as RADIUS clients in NPS. |
|
Create a user group in Active Directory® Domain Services (AD DS) that contains the users who are allowed to access the network through the switches. |
|
In NPS, configure one or more network policies for 802.1X switch access. |
Add a Network Policy; Create policies for 802.1X Wired or Wireless with a Wizard; Network Policies |