Hello All
Setup - Multiple NPS servers running on the network with Radius service. 52 Wireless access points for wifi users. Introduced a DELL SonicWALL firewall in the network as a gateway device.
Requirement - All WiFi users should be able to authenticate through the Radius server for wireless access and NPS should do radius proxy or account forwarding.
Issue - I have people coming in with the non domain devices. They get connected to the wireless SSID using domain credentials which gets verified by the radius server. Gateway is not aware of the authentication part. Web filtering is applied at the gateway level so the firewall needs to be updated with the user information on the BYOD. So to achieve this, I am trying to forward radius accounts to the firewall.
As of now firewall is able to communicate with the radius server but accounts are not forwarded to the firewall by the NPS. On all the access points, accounting information is forwarded to the NPS server. Now I want the NPS server to forward the account information to the firewall so that user information can be maintained on the gateway.
I tried to go through the radius proxy article but it did not help. If I add gateway's IP instead of NPS server in the access points then I get the accounting information on the firewall. But the firewall has a limitation to add only 15 hosts for accounting and I have over 50 access points.
So I was thinking if all the access points can send the accounting information to the radius server and in turn the server can forward it to the firewall or gateway, this will fix my issue. Or the radius server already has the accounting information so it is just a matter of forwarding to the gateway.
I am really poor on systems side and hence trying to get assistance. This might be a very silly question for many of you but I am really stuck here and need a fix.
Please assist.
Thank you
Amit
