Ra-dius has always been known as a high-quality network protocol designed for info collection, authorization, and authentication of the used resources. Its main goal is to exchange data between network devices/clients and central platforms. However, how to perform Radius server configuration on Windows remains a critical issue some people fail to solve.
No worries; you still have us, Trustguide team! This insightful article will detail how to figure Ra-dius in small steps. Keep scrolling for more tips; it would be better to bring out your tools right now and follow our guidelines directly!
How to Perform Radius Server Configuration on Windows
Open “Server-Managers” consoles to run the wizard “Add Features and Roles”. Radius falls into the role of Network Policy Servers, which is why you must select the “Network Policies & Access Services” in the wizards that pop up for role selections.
Check whether the NPAS roles are installed on the host of your Window Servers. Once you have completed the role installations, go to the Tool menu and open Network Policies Servers (or nps. msc).
It’s necessary to register NPS servers in Active Directories, which allows you to use them in your domain. As the screen shows the snap-in NPS, click its root to choose “Register My Server in The Active Directories”. Confirm your registration here.
Another way is to register the server using commands:
netsh ras add registeredserver
With this method, your servers will gain the required authority to decode Active Directory properties of user accounts and authenticate users. Later, the system will include this program in the domain group IAS and RAS servers.
It’s time to add Ra-dius clients now – a device to help your program acquire authentication requests. It could also be a switch, Cisco router, Wifi access points, et cetera.
Expand the section “Ra-dius Servers and Clients” to insert extra Ra-dius clients in your NPS console trees. Once done, choose “New” from the Ra-dius client’s items.
Can you see the Setting bar? Fill in Friendly names, client addresses (you can describe the DNS name or IP address in detail), Shared secrets, and Confirmed share passwords (you will later use them for Cisco router/switch configuration).
Side Note: Major corporate networks rarely use shared secret passwords due to unsolved problems with the shared key distributions. Hence, people often prefer to count on certificates instead.
So should you possess corporate Certification Authorities for PKI infrastructure implementation, we suggest you import and request p12 certificates for NPS/Ra-dius servers. It’s easy; you only need to add the certifications to Local Machines’ certification stores.
Go to “Advanced” and choose Vendor – Cisco. Aside from NPS GUIs, you can also use PowerShell commands to add new Ra-dius clients. For instance, in this example, we will use PowerShell New-NpsRadiusClient cmdlet.
New-NpsRadiusClient –Address “192.168.31.1” –Name “cisco2960” –SharedSecret “Zb+kp^JUy]v\ePb-h.Q*d=weya2AY?hn+npRRp[/J7d”
Now you have learned tips for a successful Radius server configuration on Windows! If you still struggle, do not hesitate to ask us for more help.