locked
NPS as Proxy for multiple Radius servers RRS feed

  • Question

  • Hi,

    I have 4 different radius servers (NPS, Steelbelted, ACS and Freeradius) connected in a network. I am planning to use NPS as a radius server and a radius proxy for other radius servers. I will be using a wireless access point to give access for my clients to the servers. 

    Using NPS as standalone for authentication is working for EAP securities, but when I add a connection request policy for forwarding the requests to other radius servers everything stops working. I will be changing the IP address of the radius server in the wireless access point to determine which radius server to be used for authentication. 

    Could anyone help me create a correct connection request policy which will forward the request to the correct radius servers based on the IP address I give in the wireless access point? The IP address of the radius server given in the access point is the only thing from which I can figure out which radius server is to be used for authentication.

    Thanks in advance,

    Dilshan

    Friday, November 18, 2016 3:46 PM

All replies

  • Hi Dilshan,

    >>Could anyone help me create a correct connection request policy which will forward the request to the correct radius servers based on the IP address I give in the wireless access point?

    Please configure conditions like description below:

    RADIUS Client IPv4 Address, NAS port Type is wireless -IEEE.

    You could configure "Forward request to the following remote RADIUS server group for authentication" on Forwarding Connection Request.

    Please reference the picture below for understanding:

    Best Regards

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    • Edited by John Lii Monday, November 21, 2016 5:29 AM
    Monday, November 21, 2016 5:28 AM