server 2008r2 NPS raidus from cisco
Posted on 2014-02-28
Anyone know the settings to allow L2TP clients on a cisco authenticate to AD by way of RADIUS?
I've set the NAS-Port type to VPN, and everything else except wireless, and the policy is bypassed. The security log is showing the policy applied is the default "connections to other access servers" (which is st to deny, but for some reason still authenticates users...weird).
I have another network policy for WiFi AP's using RADIUS as well, and connections are denied if I have the WiFi policy enabled - even if my L2TP VPN policy is 1st in the processing order. The wifi clients do authenticate successfully when the wifi policy is enabled.
If I disable the wifi policy, it falls through to the bottom-most default as mentioned.