griboedoff072016-04-28 03:09:51
griboedoff07, 2016-04-28 03:09:51

A bunch of Wi-Fi + RADIUS + PROXY-server, how to implement?

Good time.
The organization deployed a Wi-Fi network for mobile devices to access the Internet, authorization is performed through Radius (Windows NPS - Network Policy Server) using domain credentials.
There is a task to keep records and control over user access to the Internet. Hence the question arose: how (what proxy server can implement) to authorize users by domain accounts on a proxy server without additional user input of credentials, except for SSID (WPA2-Ent) authorization, provided that Wi-Fi users log in to their devices under local credentials (not domain)?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Vladimir Dubrovin, 2016-04-28

Under such conditions, it is possible to authorize on a proxy only by the IP address or DNS name of the client and bind the IP address or DNS name to the account somewhere else. Even if the proxy knocks on RADIUS, it will not be able to send anything other than the client's IP, because you do not want it to ask for a login / password. Transparent authorization will not work, because users work under local accounts.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question