NAP – How to connect workstations using Network Access Protection to a RADIUS server
Setup:
Radius Server – Windows server 2012 R2 Standard with NAP installed and configured
Wireless – Cisco Meraki M32 Wireless Access Points connected to a MX firewall.
Issue:
When Clients are connecting to a Wireless network using 802.11 or WPA2 Enterprise they are showing in the event viewer on the radius server as Non-NAP Capable and quarantined.
Event ID: 6276
Authentication Details:
Connection Request Policy Name: NAP 802.1X (Wireless)
Network Policy Name: NAP 802.1X (Wireless) Non NAP-Capable
Authentication Provider: Windows
Authentication Type: PEAP
EAP Type: Microsoft: Secured password (EAP-MSCHAP v2)
Quarantine Information:
Result: Quarantined
Cause:
This occurs if the client is not setup correctly causing them to show as Non-NAP Capable.
Resolution:
There are a few Settings that need to be enabled on the client and most/all of the settings below can be pushed out by a group policy.
1) Make Sure the Network Access Protection Service is running
2) As there is a delay when the wireless network connects you need to start the NAP service after the wireless.
This can be done by going to the following entry in the registry and making the change below:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WlanSvc
Update the DependOnService entry and add napagent.
The entry should look similar to the below. You will need to reboot the client for the registry change to take effect.
NOTE: The service WCMSVC below is only required for Windows 8 workstations.
3) Enable the Following Setting in:
GPO Manager > Computer Configuration > Policies > Windows Settings > Security Settings > Network Access Protection > NAP Client Configuration > Enforcement Clients
4) On the Client Machine go to Network and Sharing
Select adaptor settings > Right click the Wireless connection once connected to the wireless connection > Select Status > Wireless Properties > Security Tab > Settings > Select Enforce Network Access Protection > Select OK on all open windows.
Office 365 Updates
- Administrative Template files (ADMX/ADML) and Office Customization Tool for Office 365 ProPlus, Office 2019, and Office 2016This download includes the Group Policy Administrative Template files (ADMX/ADML) for Office 365 ProPlus, Office 2019, and Office 2016 and also includes the OPAX/OPAL files for the Office Customization Tool (OCT) for Office 2016.
- Office Deployment ToolThe Office Deployment Tool (ODT) is a command-line tool that you can use to download and deploy Click-to-Run versions of Office, such as Office 365 ProPlus, to your client computers.
- Readiness Toolkit for Office add-ins and VBAThe Readiness Toolkit for Office add-ins and VBA helps you identify compatibility issues with your Microsoft Visual Basic for Applications (VBA) macros and your installed add-ins. Use this tool to inspect VBA macro code and get readiness information for installed Office add-ins.
Microsoft Security Updates
- Security Update For Exchange Server 2016 CU11 (KB4487563)Security Update For Exchange Server 2016 CU11 (KB4487563)
- Security Update For Exchange Server 2013 CU22 (KB4487563)Security Update For Exchange Server 2013 CU22 (KB4487563)
- Security Update For Exchange Server 2019 (KB4487563)Security Update For Exchange Server 2019 (KB4487563)
- Update Rollup 27 For Exchange 2010 SP3 (KB4491413)Update Rollup 27 For Exchange 2010 SP3 (KB4491413)
- Security Update For Exchange Server 2019 CU1 (KB4487563)Security Update For Exchange Server 2019 CU1 (KB4487563)
Cisco Security Advisories
- Cisco Wireless LAN Controller Software GUI Configuration Denial of Service VulnerabilitiesMultiple vulnerabilities in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. The attacker would need to have valid […]
- SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE SoftwareThe Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 […]
- Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution VulnerabilityA vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster […]
- Cisco Identity Services Engine SSL Renegotiation Denial of Service VulnerabilityA vulnerability in the web interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of Secure Sockets Layer (SSL) renegotiation requests. An attacker could exploit this vulnerability by sending renegotiation requests […]
Recent Comments