RADIUS Setup

[blemoine]

we are using an Instagate Firewall that acts as a proxy server & email server. On the firewall you can enable remote authentication which should forward authentication request to a radius server. We are running Server 2003 with active directory. i would like everyone to be able to use their Network username and password for internet access and email. i have setup IAS (probably not correctly) on the Domain controller. On the Instagate it asks for the Radius server, port number and shared secret. when they go to authenticate no matter what they put in they get denied. what am i doing wrong. if you need any more info please ask. thanks

 

[BornStar]

I was just working on this today. You need to set up a client with the IP address of the firewall in the IAS configuration snapin. Make sure that the port and the shared secret are the same (the port should be 1812).

 

[blemoine]

ok what else because this is still not working. do you have to create custom access rules? i just created the client. i am using port 1812 and the same shared secret on both. what should i check next?

 

[racolvin]

hard to say without being able to see your setup directly, but maybe start here: Link

 

[BornStar]

Alright, I had to turn off encrypted logins in IAS. To do this click "Remote Access Policies" then get properties on "Connections to other access servers". Then click edit profile and disable both versions of MS-CHAP and enable PAP. I'm using IAS for VPN access so I think my requirements are slightly different than yours but you should try it anyway.

 

[blemoine]

should i be typing my usernname like: username or should it be domain\username or
user@domain.com?

 

[BornStar]

It was only necessary to use username for us.