You can use the same authentication server as you are using for wifi. However, you need differentiate the authentication request for wifi and the admin login. With NPS this could be quite challenging.
It could be helpful to add an additional RADIUS server where you set the NAS identifier. Based on the NAS identifier you can hit a different policy within NPS.
Regarding the admin configuration. In most cases I used Authentication server/ fallback to internal. This should work. This will first try to access the authentication server. If the authentication server is not reachable or send a deny it will try local.
Please also check the following page.
https://www.arubanetworks.com/techdocs/central/latest/content/nms/access-points/cfg/ap-user-mgmt/conf_admin_user.htm
------------------------------
Willem Bargeman
------------------------------
Original Message:
Sent: Mar 02, 2023 01:08 AM
From: manly009
Subject: IAP AP Enable Radius Admin Remote Login via NPS
Dear Friends,
I would like to apply Radius Remote Login for our IAP Cluster. Now I got a testing AP (IAP 500 AP 8.10.0.5 ) home and set up with 802.1x Wifi pointing to my Windows NPS server. All working fine.
Now, I dont quite understand, how to configured it by going to Config, System - Admin, added another Radius Authentication Server to pointing to NPS server. However, after messing with Authentication server/ fall back to internal..., I cannot seem to make it working, I cannot even see Radius request log on NPS server....
Can anyone help me on this? Any instruction that I can follow at all?
Thanks a lot,
ML