Zyxel ATP500 WLAN controller and authentication
Freshman Member
Hello!
Would it be possible to authenticate wireless clients on AD via machine authentication?
Wireless client connect to dedicated SSID and put no credentials since authenticating based on domain computer name.
Is there any need of Radius between?
All Replies
-
From my own experience, this is the difference between Windows Home edition and Windows Professional computers being members of the AD domain. Domain members have access to domain shared resources like printers, SQL server database, file shares, and other domain computers.
Windows Home computers do not have this access through wireless connections (our WiFi being configured as Access Point only) and have to be wire connected (LAN ethernet cable) to access the same resources via NetBT transport.
Not sure if this answers your question or if there are other limitations in your scenario.
0 -
As far as I know Home edition can not join Domain. We have Pro and Enterprise and they are in domain.
The question is how to set wireless client authentication in AD →Domain Computers group? In this case user should not enter any credentials. If laptop is a member of this Group it should get an access. Othewise get block.
Yes, it is not most secure solution, but for the first step its enough. Later we will add user based authentication as well.
Any thoughts?
0 -
OK, I see. This is more than I have looked into, since I have not worked with SSO-solutions combining Microsoft with hardware OEM solutions. I defer to the Zyxel Team members and other Pro users who may have used solutions like that to get suggestions of how SSO is handled by Zyxel.
0 -
Hi @bav
May we know if you intend to use the ATP500 as the AP controller to manage the Zyxel APs and allow WiFi clients to join the organization's domain? Thank you.
0 -
Yes! APC is on the ATP500 and all users should get auhtentication via ATP against the AD
There are some auth methods available: AD, LDAP,RADIUS.
So, I would like to know would it be possible to have AD(users in Security group) direct authorization without any proxies like Radius and so on?
I have seen a lot of examples where radius (NPS) is taking part in AD authentication. But would it be possible to get rid off the Radius?
0 -
Hi @bav ,
APC-managed AP mode does not support direct computer domain authentication to the AD server without the use of RADIUS.
Be a Community MVP: Win a VIP Deal Dash on Your Next Zyxel Purchase!
0 -
Thanks for reply!
It is clear now!
So, just user authentication in AD available without Radius deployed?
0
Master Member
Zyxel Employee
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
