none
Configure NPS / Radius server 2008 with 2003 VPN server.

    Question

  • Dear Support.

    I have Server 2008 include NPS / Radius Server , my problem is configure 2003 server as VPN with NPS / Radius Authentication and Accounting. how can i combine 2008 as radius and 2003 as VPN kindly help me as soon as possible.

    thanks

    Faraz

    Thursday, August 19, 2010 5:14 AM

All replies

  • Hi koolfaraz,

     

    Thanks for post here.

     

    You may like to add windows server 2003 server to NPS RADIUS clients on windows server 2008 ,so that remote access service will use the NPS server for authentication and authorization.

     

    Please check the link below:

     

    Configure RADIUS Clients for NAP

    http://technet.microsoft.com/en-us/library/dd296900(WS.10).aspx

     

    Thanks.

     

    Tiger Li


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, August 20, 2010 6:12 AM
  • Dear Tiger Li

    I already use remote access service in 2003 VPN Server but i read NPS logs then show "Did not match connection Request Policy".


    My network scenario is "I have one 2008 server with AD and NPS Radius, others 2008 VPN servers i configure very easily only put NPS Server IP's in RRAS properties and radius authentication is ready to use and VPN connect, in 2003 server i perfume same task but radius not authenticate and VPN not connect.

    thanks
    FARAZ

    Friday, August 20, 2010 7:53 PM
  • Hi koolfaraz,

     

    Thanks for update .

     

    If all VPN servers configured to using same Radius server to authentication and authorization for VPN connection , so what if connect to other VPN server , if this issue still occurred ?

    Have you check the security parameter of the VPN connection on clients?

    What’s the Error Code or Error message when failed connect to the 2003 RRAS server ?

     

    "Did not match connection Request Policy" general indicates the authentication fails due to not meet the VPN connection polies that defined on Radius server, please temporary disable the policies and check if the issue still occurred.

     

    Using RADIUS for multiple remote access servers

    http://technet.microsoft.com/en-us/library/cc778817(WS.10).aspx

     

    Troubleshooting NAP Problems

    http://technet.microsoft.com/en-us/library/dd348446(WS.10).aspx

     

    Troubleshooting NAP Enforcement

    http://technet.microsoft.com/en-us/magazine/2008.04.cableguy.aspx

     

    Network Policy Server Tools and Settings

    http://technet.microsoft.com/en-us/library/dd197540(WS.10).aspx

     

    Thanks.

     

    Tiger Li


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Monday, August 23, 2010 7:50 AM
  • Dear Tiger Li.

    VPN show 691 error. on my network any 2003 Server i not configure with NPS 2008 server they all show same Error and NPS show "Did not match connection Request Policy" i think i am not able to configure RRAS VPN with NPS 2008 Radius Servers ..


    other think many 2008 Servers are very easily configure. i think this is NPS and IAS configuration Issue kindly help me ...

     

    faraz
    Monday, August 23, 2010 9:49 AM
  • Hi faraz,

     

    Thanks for update.

     

    If other VPN servers could correctly using this NPS server to perform AAA(Authentication, Authorization, and Accounting) , then this indicate that the configuration of NPS server should normal.

     

    Based on my knowledge , there is no different to using NAP or IAS as radius server for incoming AAA on windows server 2003.

    Firstly ,I suggest to make sure that same group policy and security policy had been applied to all VPN servers and then please following the articles below to reconfigure VPN service on windows server 2003.

     

    Remote access/VPN server role: Configuring a remote access/VPN server

    http://technet.microsoft.com/en-us/library/cc736357(WS.10).aspx#rrassrvconfig

     

    Use RADIUS authentication

    http://technet.microsoft.com/en-us/library/cc778372(WS.10).aspx

     

    Use RADIUS accounting

    http://technet.microsoft.com/en-us/library/cc758919(WS.10).aspx

     

    Hope that’s helpful

     

    Tiger Li


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Tuesday, August 24, 2010 7:44 AM
  • Hi Faraz,

    Can you post the 2008 NPS and 2003 VPN configuration? Thanks.

    Regards

    Qunshu


    Clarification: Microsoft doesn't own any liability & responsibility for any of my posting.
    Friday, December 17, 2010 8:44 AM
  • Koolfaraz, check membership of your IAS server in group "RAS and IAS Servers" in domain. If you have multidomain infrastructure check group membership in each domain. Also check "Type of network access server" and set to "Unspecified" but in policy specify "NAS-Port-Type"as for example VPN.
    Thursday, February 03, 2011 2:49 PM