https://aaronwalrath.wordpress.com/2010/06/22/install-windows-2008-r2-nps-for-radius-authentication-for-cisco-router-logins/
Check user has allow remote access (dial-in tab) AD users and computers
Check user is a member of the right AD group if using one in your RADIUS pol
NPS server setup both DC1 + DC2
NPS radius clients match and password matches
NPS policy setup and match
NPS server install wireshark
NPS server enable auditing.
NPS server registered in AD
After adding new RADIUS clients stop/start the NPS server
Side note - Upgraded a 3750E to 15.2 and it broke Radius
Change to calling the Group
Turn aaa on
aaa new-model
Setup radius servers
radius server NPS-1
address ipv4 172.16.35.63 auth-port 1812 acct-port1813
pac key **********
!
radius server NPS-2
address ipv4 172.16.35.43 auth-port 1812 acct-port 1813
pac key ********
!
Setup radius group
aaa group server radius RADIUS-GROUP
server name NPS-1
server name NPS-2
Set source interface
ip radius source-interface
Side note - Upgraded a 3750E to 15.2 and it broke Radius
Change to calling the Group
Turn aaa on
aaa new-model
Setup radius servers
radius server NPS-1
address ipv4 172.16.35.63 auth-port 1812 acct-port1813
pac key **********
!
radius server NPS-2
address ipv4 172.16.35.43 auth-port 1812 acct-port 1813
pac key ********
!
Setup radius group
aaa group server radius RADIUS-GROUP
server name NPS-1
server name NPS-2
Set source interface
ip radius source-interface
No comments:
Post a Comment