Configuration of the Windows 2003 RADIUS Server |
In our example, a Windows 2003 RADIUS server is used for advanced IPSec authentication (XAuth). Internet Authentication Service (IAS) must be installed on this server. The RADIUS server accesses the Microsoft Active Directory Service and uses Windows logon data for advanced IPSec authentication (XAuth).
Internet Authentication Service
In the Microsoft Management Console Internet Authentication Service the R3000 must be created in the New RADIUS Client submenu as a RADIUS client. Enter the designation and IP address of the VPN gateway.
New RADIUS Client
Here, the password for RADIUS communication (e.g. bintec elmeg ) is saved.
Password
Then, a new policy is created in the New Remote Access Policy Wizard.
Policy Name
When creating the Remote Access Policy, conditions to which this dial-in policy shall apply must be saved. In our example, the corresponding client provider is saved. For example, it would also be possible to save a specific time-span during which the dial-in policy should be used.
Policy Conditions
The dial-in policy should allow VPN access or access to the network. For this, enable Grant remote access permission .
Permissions
The other steps for creating a new dial-in policy can be taken over, as shown in the following steps.
Profiles
Dial-in constraints
Authentication
Encryption
New remote access policy wizard
Via user administration of Active Directory Services there is the option of allowing, or preventing, VPN dial-in per user.
dial-in
Copyright© Version 01/2020 bintec elmeg GmbH |