DirectAccess and RADIUS authentication RRS feed

  • Question

  • I've configured Windows 2012 R2 as a DirectAccess server for OTP two-factor authentication along with a FreeRADIUS server for radius authentication. I can see the DaProbeUser authentication requests being accepted on the radius logs but not any other user. I seem to connect via IPHTTPS tunnel and the DA server does show the client being connected but it looks like the authentication is being done only using the Active Directory as I can't see any authentication requests on the radius logs. I currently only have radius users configured as clear-text password so it gets authenticated using PAP. Is there something that i missed?

    Thanks in advance
    • Edited by _Maverick Monday, December 8, 2014 10:40 AM typo correction
    Monday, December 8, 2014 9:20 AM

All replies

  • You will always connect via IPHTTPS if your DirectAccess deployment is behind an edge device. For Teredo you still need to interfaces directly on the internet (or on a firewall in transparent mode) with consecutive IP's, for 6to4 your clients must be coming from a public IP without NAT.

    Have you reviewed this doc?

    Tuesday, December 16, 2014 10:38 AM