Setup Wizard - Remote Access - VPN - Managing Multiple Remote Access Servers

Applies To: Windows Server 2008

The remote access server can be configured to use either Routing and Remote Access or RADIUS as an authentication provider.

If Routing and Remote Access is selected as the authentication provider, the user credentials sent by users attempting connections are authenticated using typical Windows authentication mechanisms, and the connection attempt is authorized using the remote client’s user account properties and network policies. The remote access server must be joined to a domain to authenticate with Active Directory.

If RADIUS is selected and configured as the authentication provider on the remote access server, user credentials and parameters of the connection request are sent as RADIUS request messages to a RADIUS server. The RADIUS server receives a user-connection request from the remote access server and authenticates and authorizes the connection attempt. The RADIUS server must be joined to a domain to authenticate with Active Directory.

Using RADIUS

If you have more than one remote access server, rather than administer the network policies of all the remote access servers separately, you can configure a single server with the Network Policy Server (NPS) as a Remote Authentication Dial-In User Service (RADIUS) server and configure the remote access servers as RADIUS clients. The NPS server provides centralized remote access authentication, authorization, accounting, and auditing.

For more information about NPS, see Network Policy Server Help.