Remote RADIUS server

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Remote RADIUS server

To provide RADIUS authentication, authorization, and accounting for an outsourced dial-up and Internet vendor, an IAS server computer that is used as a RADIUS proxy is placed in the organization's perimeter network. To forward RADIUS request messages, where the User-Name attribute contains the realm name example.microsoft.com, to a remote RADIUS server group that corresponds to primary and backup IAS servers inside an organization intranet, the following connection request policy is configured:

1. Use the New Remote RADIUS Server Group Wizard to create a new remote RADIUS server group named Intranet IAS servers. Configure the group with primary and backup servers that correspond to the two IAS server computers in the organization intranet.

   For more information, see Add a remote RADIUS server group.

2. Use the New Connection Request Policy Wizard to create a new connection request policy named Forward to intranet IAS servers. Configure the policy to forward RADIUS requests, configure the realm name of example.microsoft.com (but do not remove the realm name before authentication), and select the remote RADIUS server group named Intranet IAS servers.

   For more information, see Add a connection request policy.

Based on this connection request policy, all RADIUS request messages that contain the realm name example.microsoft.com in the User-Name attribute are forwarded to an IAS server in the organization intranet.

• Delete the default policy named Use Windows authentication for all users.

For more information, see Delete a connection request policy.