none
NPS with NLB

    שאלה

  • I am trying to leverage network load balancing (NLB) with my network policy servers(NPS). When I setup the NLB on 2 of the NPS servers, I am able to browse to the drives and ping to the VIP address -OR- the individual addresses of the server. I am finding that the radius ports are not working with the VIP address, only the individual addresses of the server. I ran an nmap scan, and verified that I can only see open ports for radius on the server addresses not the VIP address.  I haven't seen any documentation stating you can or cannot set it up this way (which I really didn't see why not).  However I have found documentation that says you need a NPS proxy with NLB, which I really didn't want to do.

    any ideas?...
    יום רביעי 22 דצמבר 2010 12:48

תשובות

  • Hi,

    Thank you for your post here.

    Typically, we use NPS configured as a RADIUS proxy to load balance connection requests between multiple NPS servers or other RADIUS servers.

    For example, if you have 100 wireless access points, one NPS proxy, and three RADIUS servers, you can configure the access points to send all traffic to the NPS proxy. On the NPS proxy, configure load balancing so that the proxy evenly the connection requests between the three RADIUS servers.

    Or you can configure the multiple NPS proxy servers which links to all back-end NPS servers. It can double the availability because mutiple proxy servers prevent the RADIUS service from single point failure of proxy server.

     

    • סומן כתשובה על-ידי Miles LiModerator יום שלישי 28 דצמבר 2010 10:37
    יום חמישי 23 דצמבר 2010 10:07
    מנחה דיון

כל התגובות

  • Hi,

    Thank you for your post here.

    Typically, we use NPS configured as a RADIUS proxy to load balance connection requests between multiple NPS servers or other RADIUS servers.

    For example, if you have 100 wireless access points, one NPS proxy, and three RADIUS servers, you can configure the access points to send all traffic to the NPS proxy. On the NPS proxy, configure load balancing so that the proxy evenly the connection requests between the three RADIUS servers.

    Or you can configure the multiple NPS proxy servers which links to all back-end NPS servers. It can double the availability because mutiple proxy servers prevent the RADIUS service from single point failure of proxy server.

     

    • סומן כתשובה על-ידי Miles LiModerator יום שלישי 28 דצמבר 2010 10:37
    יום חמישי 23 דצמבר 2010 10:07
    מנחה דיון
  • Hi,

    I am also facing a same issue, did you find any thing ?

    Can you please provide me the link for "However I have found documentation that says you need a NPS proxy with NLB, which I really didn't want to do." ????

    Thanks

    SK

    שבת 17 מרץ 2012 17:49
  •  After intalling NLB on my NPS proxies successfully i find out that my Radius clients send their request to the virtual ip but are answered by one of the real server's ip. So the thing is that most Radius clients discard those answers for security reason. Finding a way for the server to answer with the virtual ip is not that easy and i haven't found it yet.
    שבת 01 ספטמבר 2012 16:19