Professional Documents
Culture Documents
Radius Win 2008 Server
Radius Win 2008 Server
as a RADIUS Server
with MS-CHAP
v2 Authentication
HowServer
To 2008
Configure
Windows
Server
2008
as a
Scenario
Configure Windows Server 2008 as RADIUS Server with MS-CHAP v2 authentication and integrate
Cyberoam as a RADIUS Client.
Configuration
You can configure Windows Server 2008 by following the steps given below. Configuration is to be
done from Windows Server Manager.
Note:
Prior to configuration, make sure that:
You have setup Active Directory Services, and Network Policies and Access Services (NPS)
Roles.
The NPS Roles are integrated with the Active Directory.
On the left panel, expand Roles Network Policy and Access Services NPS (Local)
RADIUS Clients and Servers and right click on RADIUS Clients. Click New RADIUS Client to
create a new client according to parameters given below.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
Parameter Description
Parameter
Value
Description
Friendly name
Cyberoam
172.16.16.1
Vendor name
RADIUS Standard
Shared secret
Manual
Secret
cyberoam
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
Click Add under Specify Conditions to add conditions that determine whether this network policy
is evaluated for a connection request. Here, we have added 2 conditions:
User Group as Marketing
NAS IP address as Cyberoam LAN IP address
The Select Condition Window opens. Select the first type of condition as User Groups and click
Add.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
The User Groups Window opens. Click Add Groups... to add user groups.
The Select Group Window opens. Mention the Group Marketing under Enter the object name
to select and click OK.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
The user group condition is added. Now click Add... again to add the second condition.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
Under Gateway section, select NAS IPv4 Address to specify the IP address of the Network
Access Server (NAS) and click Add.
Click OK to save settings. The following screen is displayed showing configured conditions. Click
Next.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
The Specify Access Permission screen appears. Select Access granted and click Next.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
The Configure Authentication Methods screen appears. Select the authentication as Microsoft
Encrypted Authentication version 2 (MS-CHAP v2) and Unencrypted authentication (PAP,
SPAP). Click Next.
Note:
PAP authentication method is required because Cyberoam uses PAP to test connectivity with the
RADIUS Server.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
The Configure Constraints screen appears. Retain default constraints. Click Next.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
The Configure Settings screen appears. Retain default settings. Click Next.
If you want to configure Tight Integration between RADIUS Server and NAS, then add Filter ID as
one of the attributes by clicking Add....
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
The Completing New Network Policy appears which displays the summary of the policy you have
configured. Click Finish to create the policy.
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
In the Properties window, switch to Dial-in tab, under Network Access Permission select Allow
access to allow network access to user John Smith.
The above configuration configures the Windows Server 2008 as a RADIUS Server with Cyberoam as
the Client. Cyberoam uses this RADIUS Server for user authentication.