Forefront Edge Security TechCenter >
Forefront Edge Security Forums
>
Forefront Edge Security – IAG/UAG
>
UAG - ActiveSync - Radius Trunk Authentication
UAG - ActiveSync - Radius Trunk Authentication
- Hi all,
I have the following issue.
I want to authenticate all users who want to access the UAG portal via a radius server (cause i use 2-factor authentication tokens). I've implemented this scenario so far and it works fine.
Now I want to publish ActiveSync (Exchange 2007).
In case I have Radius as authentication protocol in use, I can't use ActiveSync (i get an error on my mobile device). When i switch the Trunk authentication from Radius to ActiveDirectory my mobil device works fine.
I've found a hint under http://technet.microsoft.com/en-us/library/dd278028.aspx to set the parameter FullAuthPassthru within the registry. With this change I can use ActiveSync with username/passwort and Portal login with username/tokencode.
But with this change I don't have any Passthrough within the Portal (for example, access to Exchange OWA) anymore. ok... thats the purpose of this registry key.
How can I use Portal authentication via Radius (username/tokencode) and ActiveSync authentication via ActiveDirectory (username/passwort) without to disable the Passthrough feature????
Thanks for every good hint.
Alex
Answers
Alex,
I recommend you create different trunks for ActiveSync and OWA for your requirements. Amongst others, one of my major criteria’s for creating separate trunks is if you have different authentication requirements.Thank you
Dennis
- Marked As Answer byBen AriMSFT, OwnerThursday, November 05, 2009 7:33 PM
All Replies
Alex,
I recommend you create different trunks for ActiveSync and OWA for your requirements. Amongst others, one of my major criteria’s for creating separate trunks is if you have different authentication requirements.Thank you
Dennis
- Marked As Answer byBen AriMSFT, OwnerThursday, November 05, 2009 7:33 PM
