To provide fault tolerance for RADIUS-based authentication and accounting, use at least two NPSs.
You can log rejected authentication requests, successful authentication requests, or both types of requests.ĭetermine whether you are deploying more than one NPS. If the NPS is configured with multiple network adapters, determine the adapters over which you want RADIUS traffic to be allowed.ĭetermine the types of events that you want NPS to record in the Event Log. The default ports are UDP ports 18 for RADIUS authentication messages and ports 18 for RADIUS accounting messages. Key stepsĭuring the planning for NPS configuration, you can use the following steps.ĭetermine the RADIUS ports that the NPS uses to receive RADIUS messages from RADIUS clients. In addition, you can configure the types of events that NPS records in the event log and you can enter a description for the server.
To allow the NPS to read the dial-in properties of user accounts during the authorization process, you must add the computer account of the NPS to the RAS and NPSs group for each domain.Īfter you have determined the domain membership of the NPS, the server must be configured to communicate with RADIUS clients, also called network access servers, by using the RADIUS protocol. For multiple-domain environments, an NPS can authenticate credentials for user accounts in the domain of which it is a member and for all domains that trust the local domain of the NPS. You must decide in which domain the NPS is a member. When you deploy NPS as a RADIUS proxy, NPS forwards connection requests to a server running NPS or other RADIUS servers in remote domains, untrusted domains, or both.īefore you deploy NPS as a RADIUS server on your network, use the following guidelines to plan your deployment. These planning guidelines do not include circumstances in which you want to deploy NPS as a RADIUS proxy. You can use these planning guidelines to simplify your RADIUS deployment. When you deploy Network Policy Server (NPS) as a Remote Authentication Dial-In User Service (RADIUS) server, NPS performs authentication, authorization, and accounting for connection requests for the local domain and for domains that trust the local domain. Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016
0 kommentar(er)
