Solved

Replacing RADIUS Server - Windows Server 2008 R2 - General Questions

Posted on 2013-06-10
5
470 Views
Last Modified: 2013-06-11
Greetings.  We have an old P4 black box server running ADDS, print services and RADIUS for VPN authentication through our Cisco ASA.

The new box is Windows Server 2008 R2 Enterprise, quad-core Xeon, 16GB.

ADDS on the new box is done.  DNS is not a problem.  And I already have a new print server set up.

For RADIUS, if I keep the same IP address as the old server and import RADIUS settings from the old one, is it as simple as that ?  The shared secret pw is not changing.  Of course, there will be a lag in bringing down the old one and bringing up the new one if I keep the same IP.

Suggestions ?
Thanks much.
-Stephen
0
Comment
Question by:lapavoni
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 22

Assisted Solution

by:Jakob Digranes
Jakob Digranes earned 200 total points
ID: 39236852
Should go straight ahead.
What authentication (network policies) do you have?
If you using PEAP - and old Radius has a certificate - make sure you get a new certificate for new server.

Also - this is a far fetch problem, but if you have a period ( . ) in the Netbios domain name for the domain, you need Win2008SP2 and not 2008R2 or 2012 ---
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/b6b80ab1-a3ee-48eb-b45c-3eb0be27aec7
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 39237000
You could have a look at iasmigreader.

http://social.technet.microsoft.com/wiki/contents/articles/12997.migrate-radius-config-from-windows-2003-ias-to-windows-20082008-r2-nps.aspx

Should do the trick.

-edit-

Though (after reading again) it looks like you might have already found that. So to answer your question, yes it should be that simple.
0
 
LVL 78

Expert Comment

by:arnold
ID: 39237047
You can reconfigure the cisco devices to add an additional tacacs server that will be attempted if the current one is not responding.
0
 
LVL 9

Accepted Solution

by:
DanJ earned 300 total points
ID: 39237326
you can have both servers to be up at the same time with different IP addresses.
then you just change the config on the asa to point to the new IP.
0
 

Author Closing Comment

by:lapavoni
ID: 39238472
Thanks, all.  No network policies. The only client is the Cisco ASA for remote VPN connections. It was pretty straightforward.  Good stuff.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question