locked
NPS and NAP in multiple locations RRS feed

  • Question

  • Hello Community,

    I need your advice for the following NPS/RADIUS environment we are trying to set up for wireless access to our corporate offices.

    We have two offices (US and India) connected via a site to site VPN. We use Meraki APs in our environment. So far the Meraki APs (RADIUS client) authenticate the clients to the NPS (RADIUS Server) here in the US office without issues (as we have our Connections Request polices and Network policies properly configured). On the other hand, the Meraki AP’s for the India office are pointing to the same US RADIUS server for authentication (as they don’t have their own RADIUS Server), they authenticate just fine. The question though is what is the best way to add a NPS server in India so they authenticate there (rather than US)? Should I just add/configure a new NPS server (with similar C.R.P and Network policies)? Or is there a best practice method when configuring an NPS on the same Domain but in different sites?

    I’ve been doing research and the Remote RADIUS Proxy does not seem to be a good solution as it will forward the traffic between US and India and this is what we are trying to prevent.

    Please advise or share some thoughts.

    Thank you. 

    Thursday, May 4, 2017 8:46 PM

All replies

  • Hi Christian Bautista,

    >>Should I just add/configure a new NPS server

    Yes. If you do not want to forward the traffic between US and India, we recommend you add a new NPS server for India. This is a better way.

    Best Regards

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, May 5, 2017 5:27 AM
  • Thank you, Candy. I can add a new NPS server in India. Is there a way to copy/export the NPS policies on my current server (similar to exporting group policy objects)? If not no issues as i can always recreate them.

    Friday, May 5, 2017 4:55 PM
  • Hi Christian Bautista,

    >>Is there a way to copy/export the NPS policies on my current server (similar to exporting group policy objects)?

    Yes.You could use the netsh command or powershell to export the NPS policies.

    The command syntax for exporting the NPS configuration is as follows.

    Export-NpsConfiguration -Path <filename>

    For more details, please refer to the following article:

    https://technet.microsoft.com/en-us/library/cc732059(v=ws.10).aspx

    Best Regards

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, May 8, 2017 7:43 AM
  • Hi Christian Bautista

    Just checking in to see if the information
    provided was helpful. Please let us know if you would like further assistance.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, May 15, 2017 2:36 AM
  • Hi Christian Bautista

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, May 19, 2017 8:22 AM