[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Looking for recommendations for a suitable RADIUS server

Posted on 2016-09-12
10
Medium Priority
?
102 Views
Last Modified: 2016-09-27
I am looking for a RADIUS server, but I have some quite specific requirements.

1. Ideally Windows based, we only have Windows Servers / Skills, and don;t really have the time to learn Linux.

2. Simple to install, and easy to maintain.

3. Must have an API or Web service, that I can use for remote applications to create user accounts.  I have seen a few RADIUS Client APIs, but they all seem to be around creating sessions and gaining end user access, I am looking for one that allows me to use a hotel system to create user accounts for the hotel guests to use.

4. Must work with Mikrotik, or similarly RADIUS enabled, Routers.

Any and all suggestions welcomed.

Many thanks.
0
Comment
Question by:townsma
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 41793952
it seems the certain choice is Microsoft Internet Authentication Service (IAS), a component of Windows Server operating systems that provides centralized user authentication, authorisation and accounting.

per my understanding, IAS meets your requirements 1 to 3. for the 4th one, it should be compatible with Mikrotik, but I never tried it myself.
0
 
LVL 6

Author Comment

by:townsma
ID: 41793958
Hi Bing,  IAS does not exist anymore, I think Server 2003 was the last server to include it.  They have NPS now, but I am not sure that works as a pure RADIUS Server, it seems to do a lot more, but for LAN environment, not across on the Internet.

But I will certainly dig deeper into it to see if it does what I need.

Many thanks
0
 
LVL 37

Assisted Solution

by:bbao
bbao earned 500 total points
ID: 41794059
you were correct. NPS officially replaced IAS in W2K8, but for me IAS is always the word in my mind when referring to MS version of RADIUS. actually even MS itself still uses "IAS" in its Windows 2012 documents, e.g. here.

technically NPS fully replaces IAS, and works the same way as a standard RADIUS. therefore my comments from 1 to 4 still apply.

also be aware that Windows 2012 Foundation and Essentials versions only support up to 50 IAS connections, you need to work out your concurrent limit per your hotel need. the limits does not apply to its standard and datacentre versions.
0
Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

 
LVL 6

Author Comment

by:townsma
ID: 41794207
Many thanks for the follow up.  We will need substantially more than 50 connections. One of our small hotels frequently has over 300 connections.

Best regards
0
 
LVL 7

Assisted Solution

by:aamodt
aamodt earned 500 total points
ID: 41795582
NPS works fine on a windows server. using it for a customer with 10,000+ employees.
But also Cisco ACS is a good choice.
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 41807898
NPS is a RADIUS server component of the Windows server.  It only does RADIUS.  You can't do user admin or account creation via NPS though, so you'd need to create a web front-end that interacts with either AD or the local user database on a standalone NPS server that isn't joined to a domain.
0
 
LVL 6

Author Comment

by:townsma
ID: 41807917
Many thanks for the advice, but as previously mentioned, I need an API interface of some kind to allow me to create and remove accounts automatically from our PMS system.  We have too many accounts changing everyday to make this a manual process of any kind.
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 41807923
This is the problem.  There's no Windows-based RADIUS server (at least that I know of, and I deal with pretty much all flavours of RADIUS) that can do what you need.  You'd need to look at a unix-based distro such as FreeRADIUS or Cisco ISE.
0
 
LVL 6

Author Comment

by:townsma
ID: 41807938
Do either of these distro have an api that allows me to create accounts from a windows application?
0
 
LVL 47

Accepted Solution

by:
Craig Beck earned 1000 total points
ID: 41807942
FreeRADIUS has lots of open source addons but really FreeRADIUS itself runs on Unix/Linux.  There is a Windows-based port but I don't know if it's current so it may have vulnerabilities.

As for APIs, you may need a custom API to do what you want.  Cisco ISE supports API interaction and so does FreeRADIUS, although it's less-documented.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question