WPA2 Enterprise with Ubiquiti UniFi and Windows 2019

In this guide we will set up a wireless network based on WPA2-Enterprise.

The hardware we’ll use is UniFi APs with their software controller, plus a Microsoft AD with NPS installed.

  1. Create a self-signed certificate
  2. Add and configure NPS/RADIUS on our Windows 2019
  3. Create a RADIUS profile on your UniFi controller
  4. Configure the NPS and APs
  5. Create a WiFi network with WPA2-Ent

1) Create a self-signed certificate for your WPA2-Ent

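# Month-year stamp (not used by the command below)
$date = (Get-Date).ToString('MMM-yyyy')
# Certificate expires 10 years from now
$certificateExpiringYears = (Get-Date).AddYears(10)
# DNS name placed in the certificate
$FQDN = "wificontroller.xxxxxx.it"
$friendlyname = "wificontroller"
# Create the certificate in the local machine's Personal store, where NPS looks for it
New-SelfSignedCertificate -DnsName $FQDN -KeyLength 2048 -CertStoreLocation "Cert:\LocalMachine\My" `
-FriendlyName $friendlyname -NotAfter $certificateExpiringYears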

 

2) Add and configure NPS/RADIUS on your Windows 2019

Open Server Manager and add the NPS role.

3) Now go to the controller and create a new “RADIUS profile”

4) Configure the NPS and APs

Now create a policy that contains a dedicated AD group. In my case I used all Domain Users.

Select EAP and the certificate previously created.

5) Create a WiFi network with WPA2-Ent

Open the UniFi Controller and create a new WiFi network.

Select WPA Enterprise and the RADIUS profile previously created.

Now try to connect…

Done!
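
The NPS-side parts of steps 1, 2 and 4 can also be scripted. The following PowerShell is an added example, not part of the original guide: it installs the role, checks that the certificate is usable for EAP, registers one AP as a RADIUS client and exports the public certificate so clients can be set to trust it. The AP address, client name and export path are placeholders, and it assumes an elevated session on the NPS server.

```powershell
# Added example: scripted NPS-side setup. Values marked "placeholder" are assumptions.
$fqdn       = "wificontroller.xxxxxx.it"     # same DNS name as in step 1
$apAddress  = "192.0.2.10"                   # placeholder: IP address of one UniFi AP
$apName     = "unifi-ap-01"                  # placeholder: label shown in the NPS console
$exportPath = "$env:TEMP\wifi-radius.cer"    # placeholder: where to write the public cert

# Step 2: install the Network Policy and Access Services role.
Install-WindowsFeature -Name NPAS -IncludeManagementTools | Out-Null

# Step 1 check: find the newest certificate for the FQDN in the machine store.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.DnsNameList.Unicode -contains $fqdn } |
    Sort-Object NotAfter -Descending | Select-Object -First 1
if (-not $cert) { throw "No certificate for $fqdn in Cert:\LocalMachine\My" }

$problems = @()
if (-not $cert.HasPrivateKey) { $problems += "no private key" }
if ($cert.NotAfter -lt (Get-Date)) { $problems += "expired on $($cert.NotAfter)" }
# OID 1.3.6.1.5.5.7.3.1 is the Server Authentication extended key usage.
if ($cert.EnhancedKeyUsageList.ObjectId -notcontains "1.3.6.1.5.5.7.3.1") {
    $problems += "missing Server Authentication EKU"
}
if ($problems) { throw "Certificate $($cert.Thumbprint): $($problems -join '; ')" }

# Step 4: register the AP as a RADIUS client with a random 128-bit shared
# secret, written as 32 hex characters.
$bytes = New-Object byte[] 16
$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$rng.GetBytes($bytes); $rng.Dispose()
$secret = ($bytes | ForEach-Object { $_.ToString('x2') }) -join ''
New-NpsRadiusClient -Name $apName -Address $apAddress -SharedSecret $secret | Out-Null

# Export only the public certificate (no private key) so it can be installed as
# trusted on clients; a self-signed certificate is otherwise unknown to them.
Export-Certificate -Cert $cert -FilePath $exportPath | Out-Null

# Print the secret once so it can be entered in the UniFi RADIUS profile (step 3).
Write-Output "RADIUS client: $apName ($apAddress)"
Write-Output "Shared secret: $secret"
Write-Output "Public cert:   $exportPath (thumbprint $($cert.Thumbprint))"
```

Repeat the `New-NpsRadiusClient` call for each AP, and clear the console history after copying the shared secret into the controller.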
