Windows Server 2008: how to configure Network Policy Server or Radius Server –Step by Step Guide

最新推荐文章于 2024-04-21 11:41:15 发布
最新推荐文章于 2024-04-21 11:41:15 发布
阅读量2.8k 收藏
点赞数
分类专栏: Cisco与网络技术 文章标签: server windows network vpn microsoft user
Step1: Prepare AAA Environment
  • Windows Server 2008 SP2 or Windows Server 2008 R2
  • Active Directory Domain Services
  • Active Directory Certificate Services
  • DHCP
  • Radius i.e. NPS must be a member of domain
  • Computer certificate installed in Radius Server
  • Windows 7, Windows XP or Mac OSX 10.5.8 Client
  • Cisco Wireless Access Point
Step2: Installation

Start menu>Administrative Tools>Server manager>Roles>Add Roles

Step3: Setup Clients

Administrative Tools>Network Policy Server>Radius Client>Right Click>New Radius Client

Radius Secret mentioned here must be same in Cisco Wireless Access Point. You must verify connection by clicking verify.

Step4: Setup Policy

Network Policy Server>Policies>network Policies>Right Click>New

 

This is highly important part of entire config. Based on your need, you have to choose desire config type among all.

VPN Tunnel Type:L2TP

NASPort Type: VPN or Wireless

EAP Type: EAP-TLS, MSChap v2 or PEAP

AD Group: Wireless User Group or VPN User Group

Here, you can choose one or both depending on your infrastructure. I have shown both VPN and Wireless Client.

Here, I am showing both EAP type for this article. But you have to choose only one again depending on your infrastructure.

Smart card or Certificate is the best option. For Windows 7 and XP, only certificates will work smooth as silk. However, if you have Macintosh Client then you have choose Certificate and PEAP.

If you want VPN client to authenticate via Radius i.e. NPS then select Tunnel type.

Here, I explained  standard Radius config. I would recommend following for two different situations:

  • L2TP, Certificate and EAP for VPN Client
  • Certificate, PEAP and MSChap v2 for Wireless Client.

You can have more then one policy in NPS. A single server can be used to authenticate both VPN and Wireless Client. For some weird reason, my Macintosh client did not work with only user and machine certificate. Apple support advised me to use user cert and Radius shared secret instead. But for Windows 7 and XP client, certificates and EAP will work smooth as silk.

Further Help:

Microsoft Technet

Keywords: L2TP, Radius, NPS, Windows Server 2008, Certificates

robur
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Network Access Policy Server Setup
03-15
Step on Step how to setup NAP Server
Foundations of Python Network Programming(3rd) 英文版pdf
01-10
http://www.amazon.com/Foundations-Python-Network-Programming-Brandon/dp/1430258543 这本书是2014年底出版的,基于最新的 python3.4 版本。 配书源码链接 https://github.com/brandon-rhodes/fopnp 目录 Chapter 1: Introduction to Client-Server Networking Chapter 2: UDP Chapter 3: TCP Chapter 4: Socket Names and DNS Chapter 5: Network Data and Network Errors Chapter 6: TLS/SSL Chapter 7: Server Architecture Chapter 8: Caches and Message Queues Chapter 9: HTTP Clients Chapter 10: HTTP Servers Chapter 11: The World Wide Web Chapter 12: Building and Parsing E-Mail Chapter 13: SMTP Chapter 14: POP Chapter 15: IMAP Chapter 16: Telnet and SSH Chapter 17: FTP Chapter 18: RPC Instead, this book focuses on network programming, using Python 3 for every example script and snippet of code at the Python prompt. These examples are intended to build a comprehensive picture of how network clients, network servers, and network tools can best be constructed from the tools provided by the language. Readers can study the transition from Python 2 to Python 3 by comparing the scripts used in each chapter of the second edition of this book with the listings here in the third edition—both of which are available at https://github.com/brandon-rhodes/fopnp/tree/m/ thanks to the excellent Apress policy of making source code available online. The goal in each of the following chapters is simply to show you how Python 3 can best be used to solve modern network programming problems.
Exchange Server 2010 Unleashed.pdf
08-16
Introduction 3 the CAS role and the Hub Transport role, two updated roles to Exchange Server 2010 that are critical to the Exchange Server 2010 organizational environment. .Part VI: Exchange Server 2010 Administration and Management—In this part, five chapters focus on the administration and management of an Exchange Server 2010 environment. The administration and management of mailboxes, distri- bution lists, sites, and administration have been greatly enhanced in Exchange Server 2010. Although you can continue to perform many of the tasks the way you did in the past, because of significant changes in replication, background transac- tion processing, secured communications, integrated mobile communications, and changes in Windows Server 2003 Active Directory, there are better ways to work with Exchange Server 2010. These chapters drill down into specialty areas helpful to administrators of varying levels of responsibility. .Part VII: Unified Communications in an Exchange Server 2010 Environment—This section has been completely updated for Exchange Server 2010 with the revised Unified Messaging role, new mobility functionality, and tight inte- gration with SharePoint 2007/2010. As previously mentioned in this introduction, Exchange Server 2010 not only improves voice mail to Exchange Server, but also the addition of voice integration takes Exchange Server 2010 far beyond just an email and calendaring solution. This addition takes Exchange Server into an area where communication is conducted on personal computers, mobile handheld devices, and from remote kiosks and terminal systems. The chapters in this part of the book highlight all the enhanced technologies andintegration capabilities that make Exchange Server 2010 the core foundation to the future of an organization’s communications infrastructure. .Part VIII: Client Access to Exchange Server 2010—This part of the book focuses on the enhancements to the Outlook Web App client, various Outlook client capabilities, and Outlook for non-Windows systems. Outlook Web App is no longer just a simple browser client, but one that can effectively be a full primary user client to Exchange Server, including access to network file shares, an entry point to SharePoint shares, and a remote voice mail collection point. In addition, Outlook Web App now has full functionality for non-Windows users, such as users who access Exchange Outlook Web App from an Apple Mac computer. Being that Exchange Server 2010 nowincludes voice and mobile communications as a major component of the Exchange Server environment, client access as well as the distrib- ution, management, and support of the client becomes even more important. .Part IX: Data Protection and Disaster Recovery of Exchange Server 2010— As organizations implement Exchange Server 2010 and make it their central store for email, calendars, contacts, voice and fax communications, and mobile commu- nications, it is no longer an option to set up and support an environment where downtime is even a possibility. This part of the book covers the new continuous backup technologies built in to Exchange Server 2010 intended to keep Exchange Server 2010 operating in a nonstop environment. Additional chapters in this part address backing up and restoring Exchange Server data, along with the recovery of an Exchange Server 2010 environment in the event of a disaster. From the Library of Lee Bogdanoff Microsoft Exchange Server 2010 Unleashed 4 .Part X: Optimizing Exchange Server 2010 Environments—This last part of the book addresses optimization in terms of server and Exchange Server 2010 organiza- tional environment optimization, optimization of the new Database Availability Group (DAG) storage and replication system, and system optimization that goes far beyond the basics. Rather than simply tuning an Exchange server with the appropri- ate amount of RAM and disk space, Exchange Server 2010 takes on a whole new area of load balancing data storage across distributed storage subsystems in which information is managed and replicated as an integral part of Exchange Server 2010. The real-world experience we have had in working with Exchange Server 2010 and our commitment to writing this book based on years of field experience in early adopter Exchange Server 2010 environments enable us to relay to you information that we hope will be valuable in your successful planning, implementation, and migration to an Exchange Server 2010 environment. In the past 15 years, we have written a book on every version of Exchange Server since its inception built on at least two years of early adopter beta experience. This book, Microsoft Exchange Server 2010 Unleashed, is the latest of our efforts. However, because Exchange Server 2010 is effectively based on Exchange Server 2007 and could potentially be considered a major service pack update to the product, there are enough differences in the new release that it required complete rethinking of the way we wrote this book. Rather than being just an email and calendaring product, Microsoft added a handful of new server roles to Exchange Server 2007 to improve security and reliability that Microsoft further enhanced in Exchange Server 2010. In addition, Exchange Server 2010 greatly expands on Microsoft’s offering in the areas of unified messaging that it entered into the marketplace with Exchange Server 2007. Exchange Server 2010 has not enhanced the Unified Messaging server role, but Exchange Server is now clearly the backbone of an entire unified communications strategy that Microsoft has built over the past several years. Beyond just email and calendaring, ExchangeServer 2010 is now the foundation for voice and mobile communications. Just a decade and a half ago, email was just one of a number of different ways people communicated. Early implementations of Exchange Server (v4.0, v5.0) had organizations tolerant if a server was down for a day or two. Today, email has become an extremely important, if not primary, method of communication for organizations. Downtime on an Exchange server can bring an entire organization to its knees. With Exchange Server 2010 adding voice mail and mobile communications into the messaging environment, an Exchange Server 2010 server and environment can no longer tolerate failures caused by viruses and spam, nor systemdowntime caused by server crashes or database corruption. You will find that the improvements Microsoft has made to Exchange Server 2010 are not only evolutionary improvements, but highly critical if not absolutely essential to Microsoft’s responsibility to help organizations maintain a safe, secure, and reliable communications infrastructure. This book covers all the aspects of Exchange Server 2010 from introducing the technologies, to properly planning and designing Exchange Server, to the implementation, management, and support of an Exchange Server 2010 environ- ment built on tips, tricks, and best practices from more than two years of early adopter implementations in the field. This book is organized into 10 parts, each part focusing on core Exchange Server 2010 areas, with several chapters making up each part: .Part I: Microsoft Exchange Server 2010 Overview—This part provides an intro- duction to Exchange Server 2010, not only from the perspective of a general tech- nology overview, but also to note what is truly new in Exchange Server 2010 that made it compelling enough for organizations to implement the technology in beta From the Library of Lee Bogdanoff 2 Microsoft Exchange Server 2010 Unleashed in a production environment. This part also covers best practices of planning, proto- type testing, and migration techniques. .Part II: Planning and Designing an Exchange Server 2010 Environment— This part covers the design of an underlying Windows Server 2003/2008 and Active Directory environment in addition to the Exchange Server 2010 unified communi- cations environment. Because organizations of varying sizes have different needs and requirements, as appropriate, this part addresses core Exchange Server 2010 design plans and concepts appropriate for most organizations, and specific attention is given to enterprise-level design and planning considerations for some of the largest Exchange Server implementations in the world. This part also covers the integration of Exchange 2010 in a non-Windows environment as well as tips, tricks, and best practices for getting a Windows Server2003/2008 Active Directory, DNS, and domain structure properly planned and architected. .Part III: Implementing Exchange Server 2010 Services—This part covers the core implementation of Exchange Server 2010 as well as the new Edge Services role that has been added to the Exchange Server organizational structure to provide protection against viruses and spam. In addition, this section has a chapter on the Exchange Management Script based on PowerShell, the Microsoft scripting solution that is the basis of the configuration, administration, and operations of Exchange Server 2010. .Part IV: Securing an Exchange Server 2010 Environment—Security is on everyone’s mind these days, and it was absolutely critical to have several chapters that covered security. The chapters in this part of the book include client-level, server-level, and transport-level security that is at the backbone of security for a network environment. A dedicated chapter on email encryption was necessary to cover the use of certificate-based encryption technologies to enable an organization the ability to provide person-to-person encrypted message communications. In addi- tion, chapters on Microsoft ISA Server 2006 enhancing security at the edge and a chapter on enterprise policy environment addressing regulatory compliance security enhancements added to ExchangeServer 2010 round out this extensive part on security. .Part V: Migrations and Coexistence with Exchange Server 2010—This part is dedicated to migrations, client access servers (CASs), and Hub Transport servers. This part provides a chapter specifically on migrating from Windows 2003 Server to Windows Server 2008 for organizations that want to migrate to a base Windows 2008 environment during their migration to Exchange Server 2010. And, of course, this part includes a chapter on migrating from Exchange Server 2003 and Exchange Server 2007 to the new Exchange Server 2010 unified communications environ- ment. Because Microsoft does not provide migrations from Exchange Server 5.5 or Exchange Server 2000 to Exchange Server 2010, nor does it provide in-place upgradesto Exchange Server 2010, there are fewer options to choose from, which means that the method you are left with needs to be planned, tested, and executed with the utmost care to minimize, if not eliminate, any interruption to users. This part of the book includes a chapter that covers the planning and implementation of From the Library of Lee Bogdanoff
Foundations of Python Network Programming(3rd).pdf 0分
12-11
重新上传免积分 http://www.amazon.com/Foundations-Python-Network-Programming-Brandon/dp/1430258543 这本书是2014年底出版的,基于最新的 python3.4 版本。 配书源码链接 https://github.com/brandon-rhodes/fopnp 目录 Chapter 1: Introduction to Client-Server Networking Chapter 2: UDP Chapter 3: TCP Chapter 4: Socket Names and DNS Chapter 5: Network Data and Network Errors Chapter 6: TLS/SSL Chapter 7: Server Architecture Chapter 8: Caches and Message Queues Chapter 9: HTTP Clients Chapter 10: HTTP Servers Chapter 11: The World Wide Web Chapter 12: Building and Parsing E-Mail Chapter 13: SMTP Chapter 14: POP Chapter 15: IMAP Chapter 16: Telnet and SSH Chapter 17: FTP Chapter 18: RPC Instead, this book focuses on network programming, using Python 3 for every example script and snippet of code at the Python prompt. These examples are intended to build a comprehensive picture of how network clients, network servers, and network tools can best be constructed from the tools provided by the language. Readers can study the transition from Python 2 to Python 3 by comparing the scripts used in each chapter of the second edition of this book with the listings here in the third edition—both of which are available at https://github.com/brandon-rhodes/fopnp/tree/m/ thanks to the excellent Apress policy of making source code available online. The goal in each of the following chapters is simply to show you how Python 3 can best be used to solve modern network programming problems.
Windows Server 2008 Security Resource Kit
06-16
(PDF 英文版) by Jesper M. Johansson Paperback: 750 pages Publisher: Microsoft Press (March 10, 2008) ISBN-10: 0735625042 ISBN-13: 978-0735625044 This official Microsoft RESOURCE KIT delivers the in-depth, technical information and tools you need to help protect your Windows based clients, server roles, networks, and Internet services. Leading security experts explain how to plan and implement comprehensive security with special emphasis on new Windows security tools, security objects, security services, user authentication and access control, network security, application security, Windows Firewall, Active Directory security, group policy, auditing, and patch management. The kit also provides best practices based on real-world implementations. 详细介绍在此:http://www.microsoft.com/MSPress/books/11841.aspx
k8s NetworkPolicy 实战
Cyril的博客
12-10 434
NetworkPolicy 是一种以应用为中心的结构,允许设置如何允许 Pod 与网络上的各类网络“实体” (这里使用实体以避免过度使用诸如“端点”和“服务”这类常用术语, 这些术语在 Kubernetes 中有特定含义)通信。
【逗老师带你学IT】Windows Server NPS服务构建基于AD域控的radius认证
热门推荐
逗老师的博客
03-09 1万+
本文介绍使用Windows NPS服务构建radius认证服务器 NPS相比较使用linux freeradius构建认证服务器主要有以下优点: 1、无缝集成微软身份认证,域证书认证,PEAP Windows登录凭据身份认证。 2、无缝集成微软AD域控认证 3、图形化配置,比较形象和直观 4、集成SQL Server记账数据库,后期审计更轻松。 一、Windows Server Network P...
windows server 2008 r2系统远程访问服务配置
u012007592的博客
02-20 1749
windows server 2008系统VPN服务配置 2019-03-22 题外话:看好多人是搜索飞兔VPN进来的,应该是想下载这个软件,这个网站和飞兔VPN真的没有任何关系。如果想下载就点这里下载吧。 自搭桥虽然有成就感,但用了一段时间感觉,还是直接用别人的方便呐! Windows sever 2008 R2的NPS(network policy server)可以将服务器配置...
【逗老师带你学IT】Windows Server Network Policy Service(NPS)记账与审计
逗老师的博客
03-09 2549
本文主要介绍通过Windows NPS构建RADIUS服务器的记账及后期用户流量审计 关于如何使用NPS与域控集成认证,可以参照前一篇文章 Windows Server NPS服务构建基于AD域控的radius认证 一、安装SQL Server 1、安装SQL Server服务器 贼简单,一路Next就好,下方放出MSDN Itell you的连接 SQL Server 2016 Develope...
what is policy server
燃烧的游戏人生
02-26 268
A policy server is a security component of a policy-based network that provides authorization services and facilitates tracking and control of files. The policy server accepts access control reque
windows 2008 NPS配置手册
12-14
windows 2008 NPS配置手册,图文非常详细
使用win2012的radius对华为交换机telnet进行认证
03-04
使用win2012的radius对华为交换机telnet进行认证
IIS7 Windows_receivest1_iis_configure_windowsserver_asp.net_源码
10-04
How to configure windows iis with asp.net
精通windows server 2008 命令行与powershell 电子书PDF单文件完整版
09-08
精通windows server 2008 命令行与powershell 电子书PDF单文件完整版 内容简介: 本书全面地介绍了Windows Server 2008命令行、PowerShell和脚本的使用,包括文件和文件夹的管理、磁盘管理、系统管理、活动目录...
70-412 Configuring Advanced Windows Server 2012 R2.pdf
05-29
配置 Windows Server 高级功能,其中包括: Configure and manage high availability Configure file and storage solutions Implement business continuity and disaster recovery Configure network services ...
精通windows server 2008 命令行与powershell电子书PDF版(第一卷)
08-02
《精通Windows Server 2008命令行与PowerShell》的内容简介回到顶部↑ 本书全面地介绍了windows server 2008命令行、powershell和脚本的使用,包括文件和文件夹的管理、磁盘管理、系统管理、活动目录管理、网络管理...
How to Install and Configure an NFS Server on Ubuntu 18.04.pdf
12-03
在Ubuntu18.04中安装NFS服务器以及配置NFS 客户端,详细安装步骤过程,简单实用,一学就会
使用Spring Boot整合定时任务(Schedule)
qq_61068952的博客
04-18 637
用于配置Cron表达式,指定定时任务的执行时间规则。当前实现是单线程的,如果批量新增的数据量很大,可能会导致定时任务执行时间过长,影响系统的响应性能。:用于指定时区,影响Cron表达式的解析和定时任务的执行时间。默认情况下,定时任务使用服务器的时区。接口时,您可以对Spring的定时任务进行更加细致和定制化的配置。:用于指定定时任务首次执行的延迟时间,单位为毫秒。注解指定定时任务的执行时间,并编写批量新增的逻辑。注解的属性来配置定时任务的执行时间。表示每隔1分钟执行一次任务,不论任务的执行时间。
集合框架(二)前置知识
最新发布
2301_80477449的博客
04-21 208
可变参数:就是一种特殊形参,定义在方法,构造器的形参列表里,格式是:“数据类型...参数名称”特点:可以不传数据给它,可以传一个或多个数据给它,也可以传一个数组给它。Collections提供的常用静态方法。②一个形参列表中可变参数只能有一个。③可变参数必须放在形参列表的最后面。①可变参数在方法内部就是一个数组。好处:常常用来灵活的接受数据。*是一个用来操作集合的工具类。可变参数的特点和好处。
The connection to the server localhost:8080 was refused - did you specify the right host or port?
05-26
This error message typically means that the client was not able to establish a connection... You may need to configure the network settings or firewall rules to allow the communication. Hope this helps!

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值