• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 286
  • Last Modified:

Radius Server

I want to set up radius server for a group of vpn users. we use the sonicwall vpn client. i would like it so that they use their windows username/password for the vpn client, when they change thier windows login that applies to the vpn. how to configure radius server? can someone provide info or articles for this. i can provide more info if needed. using server 2003 AD.
0
jeffsteffy
Asked:
jeffsteffy
  • 3
  • 3
2 Solutions
 
mailtosinghsCommented:
You can setup Internet Authentication Service in windows 2003 server setup
you can use this as RADIUS Server for any RADIUS client. you can also use your AD as authentication provider.

you can integrate your current VPN solution to use IAS as RADIUS server.

more resource on IAS and deployment.
http://technet.microsoft.com/en-us/network/bb643123.aspx
0
 
Farhan KaziSystems EngineerCommented:
Following articles might help you to understand/configure VPN authentication with RADIUS:

* Checklist: Installing and configuring a VPN server (Good one)
http://technet2.microsoft.com/windowsserver/en/library/930ee0b5-d9f1-4bf2-b562-38e63bebc74e1033.mspx?mfr=true

* Dial-up and VPNs with RADIUS Authentication (VPN with Windows Server 2003)
http://technet2.microsoft.com/windowsserver/en/library/04f5add9-85ff-4b07-96e0-498b883dcb461033.mspx?mfr=true

* Use RADIUS authentication
http://technet2.microsoft.com/windowsserver/en/library/5934dc6b-78ec-4d37-b45f-99754e5067801033.mspx?mfr=true

* Configuring a Windows Server for RADIUS Authentication (Good one)
http://secure.enterasys.com/support/manuals/Pol_Mgr1_8_1-web/docs/p_win2000_config.html

* Internet Authentication Service
http://technet.microsoft.com/en-us/network/bb643123.aspx

* How to install and configure a Virtual Private Network server in Windows Server 2003
http://support.microsoft.com/kb/323441

* Leveraging RADIUS accounting by using Microsoft Windows RADIUS Server and Internet Authentication Service
http://support.microsoft.com/servicedesks/webcasts/seminar/shared/asp/view.asp?url=/servicedesks/webcasts/en/wc031704/manifest.xml&WMPVer=9.0.0.3196

* Deployment of Protected 802.11 Networks Using Microsoft Windows
http://www.microsoft.com/technet/network/wifi/ed80211.mspx

0
 
jeffsteffyAuthor Commented:
That is a lot of information, I'll spend some time reading all of it. Would you enable IAS on the domain controller or another server 2003 box? Should I create a new group in AD and add all VPN users? i read be reading before I do this and may ask more questions so i will give points now then open new question if needed.

thanks
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
mailtosinghsCommented:
you can enable IAS on DC but it is good to have a dedicated box for IAS if you are having lot of users using VPN.

DC is advised to be kept intact and should not have any other service because installing multiple services opens up new surface for security loopholes.

you can use group or OU for configuring authentication sets.
0
 
jeffsteffyAuthor Commented:
I have a server 2003 as file server, can use that use IAS?
0
 
mailtosinghsCommented:
technically you can use any windows 2003 server to host IAS, if you want domain authentication it should be part of domain.

the decision should be based on the distribution of services on the servers and the workload/user request volume is the factor which decides which role you should assign to which server.

if your file server doesn't experience a bottleneck nor it is close to its max throughput you can do that. if the number of VPN user and their frequency is higher then definetly you should go for new box.
0
 
jeffsteffyAuthor Commented:
thanks for the information
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now