IAS w/ RADIUS in SBS 2003.

No. Both are included and should be the configured the same as if both were on a Windows Server 2003 domain controller.

Is this on Standard or Premium?  Because if Standard you would need to configure RRAS for RADIUS.

Is this for wireless authentication?

Jeff
TechSoEasy

I'm using SBS 2003 Premium.  No this is for Cisco PIX authentication.

myfootsmells

Well then this does get a bit complicated.  I think you'll find these articles to be of help though:
http://www.isaserver.org/articles/2004vpnradius.html
http://support.microsoft.com/kb/884492
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800b6099.shtml

And don't forget that you must always use the Configure Email and Internet Connection Wizard to configure the SBS's settings.

Jeff
TechSoEasy

Not using ISA Server and I've used that link before from Cisco.  Doesn't really help much, even after talking to Cisco tech support they are baffled.

Just thought maybe SBS 2003 had something blocking it that I couldn't think of.

Any other thoughts?

Did you rerun the CEICW?

Jeff
TechSoEasy

No I did not.  We don't use any of the SBS features anymore.  We're long over due to transfer over to Windows Server 2003.  I'm just wondering if I'm missing something?

The Cisco Pix is acting as my firewall/router.
Sharepoint is not being used.
Exchange 2003 is being used.
ISA Server is not being used.

What benefits/options will I have by running CEICW?  I see none that would help in my situation.

Yes, you're missing the fact that you can't just stop using the CEICW... because the server roles that are on your SBS should NEVER be installed on ONE machine under normal circumstances.  Therefore, the only way to keep these items from interacting badly with eachother is to configure and modify settings with the wizards.  Failure to do so will often result in hours upon hours of troubleshooting.

The problem is that this is still your Domain Controller, it is running IIS and Exchange and DNS.  You cannot really run the Security Configuration Wizard on an SBS because it enables things that would conflict with these items.  Yet, the standard deployment of IAS recommends that you use the SCW:  http://www.microsoft.com/technet/security/prodtech/windowsserver2003/w2003hg/s3sgch10.mspx

You will find that there are many things which conflict with SBS's configurations... so if you think you are "beyond" SBS, then you need to transition out of it and deploy the proper servers.

Jeff
TechSoEasy

Okay how about this then.  I have a box that runs Windows Server 2003 and has AD replicated to it.  I'll install RADIUS and IAS there.  Any issues?

Of course there are issues, there are always issues... :-)

Just follow the guide:  http://www.microsoft.com/technet/security/prodtech/windowsserver2003/w2003hg/s3sgch10.mspx

Jeff
TechSoEasy

no good information there at least nothing to help me.  i guess i just needed to know if there was something in SBS not allowing me to use RADIUS.

Jeff

I dont know how well your Cisco skills are but check out:
https://www.experts-exchange.com/questions/21847310/Cisco-PIX-506E-Cisco-VPN-Active-Directory-All-Working-Together.html

Michael

I don't deploy Cisco PIX''s as a general rule, so it's not an area that I can comment on with much authority.  I do however, know what SBS can and can't do... for the most part, so i'll leave it at that.

Jeff
TechSoEasy