<div>
I am including my own comment as a solution because the link in the one comment did not completely resolve the issue. &nbsp;from the information specific to VPN with Cisco, I discovered that I needed to add the NAS-Port-type as a CONDITION and not a CONSTRAINT on the policies.<br />
<br />
Thanks.
</div>


I am including my own comment as a solution because the link in the one comment did not completely resolve the issue.  from the information specific to VPN with Cisco, I discovered that I needed to add the NAS-Port-type as a CONDITION and not a CONSTRAINT on the policies.

Thanks.

<div>
<div class="content wysiwyg-content">
Anyone know the settings to allow L2TP clients on a cisco authenticate to AD by way of RADIUS?<br />
<br />
I've set the NAS-Port type to VPN, and everything else except wireless, and the policy is bypassed. &nbsp;The security log is showing the policy applied is the default &quot;connections to other access servers&quot; (which is st to deny, but for some reason still authenticates users...weird).<br />
<br />
I have another network policy for WiFi AP's using RADIUS as well, and connections are denied if I have the WiFi policy enabled - even if my L2TP VPN policy is 1st in the processing order. &nbsp;The wifi clients do authenticate successfully when the wifi policy is enabled.<br />
<br />
If I disable the wifi policy, it falls through to the bottom-most default as mentioned.<br />
<br />
Any thoughts?
</div>
</div>


Anyone know the settings to allow L2TP clients on a cisco authenticate to AD by way of RADIUS?

I've set the NAS-Port type to VPN, and everything else except wireless, and the policy is bypassed.  The security log is showing the policy applied is the default "connections to other access servers" (which is st to deny, but for some reason still authenticates users...weird).

I have another network policy for WiFi AP's using RADIUS as well, and connections are denied if I have the WiFi policy enabled - even if my L2TP VPN policy is 1st in the processing order.  The wifi clients do authenticate successfully when the wifi policy is enabled.

If I disable the wifi policy, it falls through to the bottom-most default as mentioned.

Any thoughts?

server 2008r2 NPS raidus from cisco

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.