Solved

Configuring RADIUS server in windows 2003 to use with external firewalls

Posted on 2008-11-01
6
2,261 Views
Last Modified: 2010-04-21
Hello everyone,
I really need some help or guidance in setting up radius server for integration with my Linux firewall...namely ZEROSHELL.
Thanks,
0
Comment
Question by:godwindotnet
  • 2
  • 2
  • 2
6 Comments
 

Author Comment

by:godwindotnet
ID: 22860710

Thanks for the reply CorpComp...

This is the part thats kind of making me feel uncertain about what I'm doing...

" you can setup a remote access policy in IAS to allow a certain group to authenticate, and then place the users in that group."

Do you have any links that can teach me exactly about this process??
Thanks
0
 
LVL 6

Expert Comment

by:CorpComp
ID: 22860643
You need to install "Internet Authentication Service" on your server.  You can do this through "add remove windows components"  Then you setup a profile for your firewall, all you should need to configure is the IP address and the Pre-Shared Key.

You have a choice on how you choose users that are allowed to authenticate.  You can set the attribute on each individual user in AD (under the dial-in tab), or you can setup a remote access policy in IAS to allow a certain group to authenticate, and then place the users in that group.

I am not sure how to configure your firewall to communicate with your RADIUS server, but remember when you are doing the configuration to use the same pre-shared key that you setup in the IAS profile.

Good luck.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 22862496
How does "Novell NetWare Network Software tie into this?  I ask because that's one of the zones this question is posted to.

When you ask about RADIUS integration with your Linux firewall, what exactly are you looking for?  There are many versions and flavors of RADIUS.  The only benefit to using the RADIUS capabilities of IAS is its integration with AD.

You didn't ask about directory-service or LDAP integration, just RADIUS integration - does that mean you have a RADIUS server already installed/configured or does it mean you don't know exactly what you're looking for beyond RADIUS?

RADIUS stands for Remote Authentication Dial In User Service and is an IETF standard for user authentication to allow public access to private resources.  The most popular RADIUS server in the world is FreeRADIUS.  RADIUS is a major component of WPA 802.1x wireless authentication, in addition to the more-common remote-access authentication service.  IAS is Microsoft's proprietary implementation of RADIUS.

If you have a RADIUS server and you're just asking how to go about integrating it with your firewall, the answer is far different from having a firewall that can integrate with RADIUS and wanting to know what RADIUS server to use, or wanting to provide identity-based access via a form of RADIUS/firewall integration, and what to use depends also on what directory service you use, whether you want to use Windows services "on the edge" and whether direct integration with a platform directory is necessary or if LDAP integration is sufficient or even preferred, which also is flavored by whether you have an enterprise-class directory service like eDirectory or a platform-specific directory like AD.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 6

Accepted Solution

by:
CorpComp earned 250 total points
ID: 22863588
0
 
LVL 35

Assisted Solution

by:ShineOn
ShineOn earned 250 total points
ID: 22864184
Here's one that talks specifically about ZEROSHELL firewall and FreeRADIUS integration for 802.1x enterprise WPA.

http://www.wi-fiplanet.com/tutorials/article.php/3748146
0
 

Author Closing Comment

by:godwindotnet
ID: 31512374
Thanks for the time....
but I think I misinterpreted the question...
I basically wanted to learn how to setup RADIUS server for LAN clients on Windows 2003 server
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Learn about cloud computing and its benefits for small business owners.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now