Configure the ProxySG to authenticate with Windows 2008 Network Policy Server (NPS) via RADIUS
search cancel

Configure the ProxySG to authenticate with Windows 2008 Network Policy Server (NPS) via RADIUS

book

Article ID: 165600

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

You want to configure RADIUS authentication on the ProxySG with Windows 2008 NPS.

Resolution

Staring with Windows 2008, IAS has been changed to NPS (Network Policy Server) and the whole interface/configuration is different.

After you install an NPS role on Windows 2008, you can start configure RADIUS.

1. Go to RADIUS Clients and create a new client. (This RADIUS client will be the ProxySG).

  -Set the RADIUS client to the IP or hostname of the proxy.

  -Vendor name can just use RADIUS standard.

  -Set the Shared Secret.

  -Click OK.

RADIUS Client

2. Go to Network Policies, right click > New  and create a new policy (this is where you define who has access).

  -Set the Policy Name and click Next.

  -On the Condition, set the conditions that are allowed to authenticate.

    (NAS Port, type is ethernet for wired connection)

    (Groups based on AD)

    (NAS client IP would be ProxySG's IP)

    (Date and Time restriction) - Click Next when done

3. Set to Access Granted and click Next.

4. Under Authentication Methods, select Unencrypted authentication (PAP, SPAP) and click Next.

5. Configure the constraints - can leave the defaults.

6. After completing the Network Policy, configure the ProxySG to use the RADIUS realm.

 

Note: If authentication fails, check the security logs on the event viewer to see what is causing authentication to fail.