Server Properties - Security Tab - Authentication - Add RADIUS Server
Applies To: Windows Server 2008
| Dialog box element | Description |
|---|---|
Server name |
The DNS name or IP address of the Remote Authentication Dial-In User Service (RADIUS) server. IP addresses must be typed in dotted decimal notation. |
Shared secret |
Displays the obscured shared secret that is used for secure communications between the remote access server and the RADIUS server. You must configure the same shared secret on both the remote access server and the RADIUS server for successful RADIUS communications to occur. The shared secret is case-sensitive. |
Time-out (seconds) |
The amount of time (in seconds) that the remote access server tries to obtain responses from the RADIUS server before trying another RADIUS server. You can also click the arrows to select a new setting. |
Initial score |
The initial responsiveness score of the RADIUS server. You can also click the arrows to select a new setting. The score increases or decreases based on the ongoing responsiveness of the RADIUS server. |
Port |
For RADIUS Authentication: The UDP port that is used by the RADIUS server for incoming RADIUS authentication requests. The default value of 1812 is based on RFC 2138. For older RADIUS servers, set the port value to 1645. For RADIUS Accounting: The UDP port that is used by the RADIUS server for incoming RADIUS accounting messages. The default value of 1813 is based on RFC 2139. For older RADIUS servers, set the port to 1646. |
Always use message authenticator |
Specifies whether a message authenticator based on the shared secret is sent with each RADIUS message. Extensible Authentication Protocol (EAP) messages are always sent with a message authenticator. Make sure that your RADIUS servers are capable of and configured to receive message authenticators. You must select this option if your RADIUS server is running Network Policy Server (NPS) and the RADIUS client that is configured for this server has the Request must contain the Message Authenticator attribute option selected. |