RADIUS Server

Discussion in 'MCSE' started by Steve Ray, Oct 9, 2007.

  1. Steve Ray

    Steve Ray Guest

    Guys

    I'm looking for a "free to use" RADIUS server I can use within my domain.
    Does anyone have any recommendations

    Thanks

    Steve
     
    Steve Ray, Oct 9, 2007
    #1
    1. Advertising

  2. "Steve Ray" <> wrote in
    news:fefm9s$sql$:

    > Guys
    >
    > I'm looking for a "free to use" RADIUS server I can use within my
    > domain. Does anyone have any recommendations
    >
    > Thanks
    >
    > Steve
    >
    >


    Are you looking to enable the "Internet Authentication Service" in Windows
    Server 2003, or am I oversimplifying your need?
     
    Red Swingline Stapler, Oct 9, 2007
    #2
    1. Advertising

  3. Its possible he doesn't know about IAS.And no I don't think you over
    simplified his need. I'd reccomend IAS too, its a pretty solid solution.

    --
    ..rev

    "It is the mark of an educated man to be able to entertain a thought without
    accepting it"
    ~Aristotle
    ..
    "Red Swingline Stapler" <> wrote in message
    news:Xns99C4559DC95A0nowaycom@207.46.248.16...
    > "Steve Ray" <> wrote in
    > news:fefm9s$sql$:
    >
    >> Guys
    >>
    >> I'm looking for a "free to use" RADIUS server I can use within my
    >> domain. Does anyone have any recommendations
    >>
    >> Thanks
    >>
    >> Steve
    >>
    >>

    >
    > Are you looking to enable the "Internet Authentication Service" in Windows
    > Server 2003, or am I oversimplifying your need?
     
    The Rev [MCT], Oct 9, 2007
    #3
  4. Steve Ray

    Briscobar Guest

    "The Rev [MCT]" <> wrote in message
    news:%...
    > Its possible he doesn't know about IAS.And no I don't think you over
    > simplified his need. I'd reccomend IAS too, its a pretty solid solution.



    The OP has a stupid name.
     
    Briscobar, Oct 9, 2007
    #4
  5. Hey now. :p

    --
    ..rev

    "It is the mark of an educated man to be able to entertain a thought without
    accepting it"
    ~Aristotle
    ..
    "Briscobar" <> wrote in message
    news:%23$...
    >
    > "The Rev [MCT]" <> wrote in message
    > news:%...
    >> Its possible he doesn't know about IAS.And no I don't think you over
    >> simplified his need. I'd reccomend IAS too, its a pretty solid solution.

    >
    >
    > The OP has a stupid name.
    >
     
    The Rev [MCT], Oct 9, 2007
    #5
  6. Steve Ray

    Steve Ray Guest

    Hi

    No I'm not looking to do this. I have 2 VLANS on site, each has its own
    Windows 2003 domain (VLAN1 - Staff / VLAN2 - Students.

    I am deploying wireless within the network and do no want to deploy wireless
    access points per vlan. I'm interested in deploying a wireless VLAN (say
    VLAN 3) and then authenticating the users into their relevant VLAN via
    (possibly) RADIUS.

    This means that users that are authenticated get their relevant AD settings
    and users that do not / cannot authenticate only get a non routable IP range

    Or maybe IAS can do this ? Would I need 1 IAS server per domain presumably

    Hope this makes sense

    Steve

    "Red Swingline Stapler" <> wrote in message
    news:Xns99C4559DC95A0nowaycom@207.46.248.16...
    > "Steve Ray" <> wrote in
    > news:fefm9s$sql$:
    >
    >> Guys
    >>
    >> I'm looking for a "free to use" RADIUS server I can use within my
    >> domain. Does anyone have any recommendations
    >>
    >> Thanks
    >>
    >> Steve
    >>
    >>

    >
    > Are you looking to enable the "Internet Authentication Service" in Windows
    > Server 2003, or am I oversimplifying your need?
     
    Steve Ray, Oct 9, 2007
    #6
  7. "Steve Ray" <> wrote in
    news:LEQOi.4326$:

    > Hi
    >
    > No I'm not looking to do this. I have 2 VLANS on site, each has its
    > own Windows 2003 domain (VLAN1 - Staff / VLAN2 - Students.
    >
    > I am deploying wireless within the network and do no want to deploy
    > wireless access points per vlan. I'm interested in deploying a
    > wireless VLAN (say VLAN 3) and then authenticating the users into
    > their relevant VLAN via (possibly) RADIUS.
    >
    > This means that users that are authenticated get their relevant AD
    > settings and users that do not / cannot authenticate only get a non
    > routable IP range
    >
    > Or maybe IAS can do this ? Would I need 1 IAS server per domain
    > presumably
    >
    > Hope this makes sense
    >
    > Steve
    >
    > "Red Swingline Stapler" <> wrote in message
    > news:Xns99C4559DC95A0nowaycom@207.46.248.16...
    >> "Steve Ray" <> wrote in
    >> news:fefm9s$sql$:
    >>
    >>> Guys
    >>>
    >>> I'm looking for a "free to use" RADIUS server I can use within my
    >>> domain. Does anyone have any recommendations
    >>>
    >>> Thanks
    >>>
    >>> Steve
    >>>
    >>>

    >>
    >> Are you looking to enable the "Internet Authentication Service" in
    >> Windows Server 2003, or am I oversimplifying your need?

    >
    >
    >


    Your situation is a little over my head I believe, but this white paper
    may explain everything for you:

    http://download.microsoft.com/download/c/d/5/cd53de2e-5baa-4118-a246-
    5d980f9a9085/ias_vlans.doc
     
    Red Swingline Stapler, Oct 9, 2007
    #7
  8. For security sake the best option would be to set the Student network as a
    perimeter network between the internet facing firewall and the internal
    facing staff network firewall and using Radius or not implement a VPN
    solution back to the Staff network for trusted connection. This is of course
    assuming you have only one internet facing publicly addressable IP address
    and that is the original reason your public and private networks were even
    that close to each other.

    If you have a router with two IP addresses facing the internet than leaving
    the two networks completely separate would be best. As for wireless I would
    recommend access points that do not in any way talk to both networks if you
    can help it. Money shouldn't be a consideration when you consider a WAP can
    be purchased for around $35USD with support with WPA/WPA2 (802.1x)

    Good luck with this. I've actually implemented both of these solutions at
    home and at work. At the office the public network and private network leave
    separate internet feeds, not just separate IP's. We use two different
    vendors for internet access so these two networks have no way to communicate
    with one another. And at home I implemented a 3 layer network with 2 with
    wireless and one without wireless, but all of which use the same internet
    feed through a single public facing IP address.

    If however you still decided you want to go with a Radius solution for
    authentication you would need to use 2 Radius Servers, one for each domain,
    and install a Radius Proxy and IAS can do this for you. I will not go into
    it, but its not entirely complicated. A decent TechNet article can be found
    here: http://tinyurl.com/2s4x7o

    OR:
    http://technet2.microsoft.com/windo...1eff-4ba4-8cc8-264f26fe0a8f1033.mspx?mfr=true

    --
    ..rev

    "It is the mark of an educated man to be able to entertain a thought without
    accepting it"
    ~Aristotle
    ..
    "Steve Ray" <> wrote in message
    news:LEQOi.4326$...
    > Hi
    >
    > No I'm not looking to do this. I have 2 VLANS on site, each has its own
    > Windows 2003 domain (VLAN1 - Staff / VLAN2 - Students.
    >
    > I am deploying wireless within the network and do no want to deploy
    > wireless access points per vlan. I'm interested in deploying a wireless
    > VLAN (say VLAN 3) and then authenticating the users into their relevant
    > VLAN via (possibly) RADIUS.
    >
    > This means that users that are authenticated get their relevant AD
    > settings and users that do not / cannot authenticate only get a non
    > routable IP range
    >
    > Or maybe IAS can do this ? Would I need 1 IAS server per domain presumably
    >
    > Hope this makes sense
    >
    > Steve
    >
    > "Red Swingline Stapler" <> wrote in message
    > news:Xns99C4559DC95A0nowaycom@207.46.248.16...
    >> "Steve Ray" <> wrote in
    >> news:fefm9s$sql$:
    >>
    >>> Guys
    >>>
    >>> I'm looking for a "free to use" RADIUS server I can use within my
    >>> domain. Does anyone have any recommendations
    >>>
    >>> Thanks
    >>>
    >>> Steve
    >>>
    >>>

    >>
    >> Are you looking to enable the "Internet Authentication Service" in
    >> Windows
    >> Server 2003, or am I oversimplifying your need?

    >
    >
     
    The Rev [MCT], Oct 10, 2007
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?QXJqZW4gQm9z?=

    Wireless Access Point with Radius Server > authentication?

    =?Utf-8?B?QXJqZW4gQm9z?=, Dec 23, 2004, in forum: Wireless Networking
    Replies:
    0
    Views:
    1,307
    =?Utf-8?B?QXJqZW4gQm9z?=
    Dec 23, 2004
  2. Jeff
    Replies:
    4
    Views:
    4,430
  3. David
    Replies:
    0
    Views:
    2,700
    David
    Nov 6, 2003
  4. Ohad Dallal

    VSAs in steel-belted radius server

    Ohad Dallal, Feb 18, 2004, in forum: Cisco
    Replies:
    0
    Views:
    536
    Ohad Dallal
    Feb 18, 2004
  5. Neshat
    Replies:
    4
    Views:
    1,123
    Aaron Leonard
    Feb 20, 2004
Loading...

Share This Page