how to add radius in server 2008
|
Feb 9, 2012, 09:45
Post: #1
|
|||
|
|||
|
how to add radius in server 2008
Enable "reversible password encryption" for your domain users.
Globally: Admin Tools - Group Policy Management Choose your forest, domain and then right click your Default Domain Policy and choose Edit. Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy -> Store passwords using reversible encryption = Enabled. Per User: I prefer doing it globally, but you can do it on a per user basis by opening your domain user's properties and checking "Store password using reversible encryption" on the Account tab. *Restart the domain controller after these Group Policy changes. Enable Windows Server 2008 Network Policy Server (NPS) Add the "Network Policy and Access Services" role to your domain controller. Enable these role services during installation: Network Policy Server Routing & Remote Access Services Remote Access Service Routing Verify the RADIUS Port Numbers Server Manager -> Roles -> Network Policy and Access -> Right-click NPS (Local) -> Properties -> Ports Tab. Verify the defaults for Authentication are 1812,1645. Verify the defaults for Accounting are 1813, 1646. The 18 set is for a secure connection, or vice-versa. You can change things to match your RADIUS client, but the defaults should be fine. Add a new RADIUS Client NPS (Local) -> RADIUS Clients and Servers -> RADIUS Clients -> Right-click Add new Client. Add a name, the ip address of your client and create a shared secret. Add a new Network Policy NPS (Local) -> Policies -> Right-click Network Policies -> Add new. Enter a name and leave Type of network access server as Unspecified. Click Next. Add a condition. Choose Windows Groups. Add a Group ("Domain Users" for example). Click OK, then Next. Choose Access Granted. Click Next. Leave the default Authentication Methods. Click Next. Leave the Default Constraints. (Although they look like some cool new features you may want to use.) Click Next. Leave the Default Settings. Click Next. Click Finish. Granting or Denying Access to Users Right click a domain user -> Properties -> Dial-in tab. You can Grant or Deny here, but I just leave the NPS Policy we setup earlier to allow all domain users through. Configure your RADIUS Client In this case, I enable a PPTP VPN server on my pfSense firewall and point it to my domain controller/NPS services machine where we just configured everything. Input the shared secret and then login from anywhere! █| AvaNetco.com Hosting Company Shared Hosting , VPS , Dedicated █| 24/7 Server Management, Outsourced Support, Web Development █| High Quality virtual servers with lots of Guaranteed RAM and HDD space, Impeccable Service. |
|||
|
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads... | |||||
| Thread: | Author | Replies: | Views: | Last Post | |
| Install Plesk control panel on Windows Dedicated Server | PrashantratnaJ | 6 | 533 |
May 10, 2012 20:42 Last Post: Rajan |
|
| Windows Server 2008 Can Not See Static IP | Albert.Nawaro | 1 | 102 |
May 3, 2012 04:21 Last Post: jamesclark |
|
| Windows Server 2008 R2 FTP and Firewall Setup | Albert.Nawaro | 1 | 103 |
May 3, 2012 04:19 Last Post: jamesclark |
|
| Adding CDN to my Liquidweb server? | ellis123 | 0 | 94 |
Apr 11, 2012 13:18 Last Post: ellis123 |
|
| A new dedicated server by RAZOR | annisone | 0 | 110 |
Apr 2, 2012 13:43 Last Post: annisone |
|
User(s) browsing this thread:
1 Guest(s)
1 Guest(s)