Configuring Forefront TMG as a RADIUS client

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

This topic describes how to configure Forefront TMG as a RADIUS client. As a RADIUS client, Forefront TMG sends RADIUS messages to the Network Policy Server (NPS) for authentication and authorization of the virtual private network (VPN) connection.

To configure Forefront TMG as a RADIUS client

  1. In the Forefront TMG Management console, in the tree, click Remote Access Policy (VPN), and then in the details pane, click the VPN Clients tab.

  2. Click Specify RADIUS Configuration.

  3. On the RADIUS tab, click Use RADIUS for authentication, and then click RADIUS Servers.

  4. If a RADIUS server representing the NPS is not configured, click Add. If a RADIUS server has been configured, verify that the configuration matches the one specified in the following steps.

  5. In the Server name box, enter the name or IP address of the NPS server.

  6. To create a new shared secret, click Change. Record the shared secret for use when configuring the NPS server.

    Important

    If you experience communication problems between Forefront TMG and the NPS, consider increasing the time-out value, which is configurable on the RADIUS server.

  7. In the Add RADIUS Server dialog box, click OK.

  8. If multiple RADIUS servers are listed in the RADIUS Servers dialog box, use the up arrow to promote the NPS RADIUS server to the top of the list, and then click OK.
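
Why the shared secret recorded in step 6 must be identical on both sides, shown as an added example (not Microsoft or Forefront TMG code): under RFC 2865 a RADIUS client checks each reply's Response Authenticator, which is computed over the shared secret, and silently discards replies that fail the check. The function names and sample values below are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets
import struct

ACCESS_ACCEPT = 2  # RADIUS code for Access-Accept (RFC 2865)

def new_shared_secret(nbytes=32):
    """Random secret to enter on both the RADIUS client and the RADIUS server."""
    return secrets.token_urlsafe(nbytes)

def response_authenticator(code, ident, attrs, request_auth, secret):
    """RFC 2865 section 3: MD5(Code+ID+Length+RequestAuth+Attributes+Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def build_reply(code, ident, attrs, request_auth, secret):
    """Server side: sign the reply with the server's copy of the secret."""
    auth = response_authenticator(code, ident, attrs, request_auth, secret)
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + auth + attrs

def reply_is_authentic(packet, ident, request_auth, secret):
    """Client side: check a reply against the client's copy of the secret."""
    if len(packet) < 20:
        return False
    code, got_ident, length = struct.unpack("!BBH", packet[:4])
    if got_ident != ident or not 20 <= length <= len(packet):
        return False
    expected = response_authenticator(code, ident, packet[20:length],
                                      request_auth, secret)
    return hmac.compare_digest(expected, packet[4:20])

if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    server_secret = new_shared_secret().encode()
    typo_secret = server_secret[:-1] + b"!"  # one character recorded wrongly
    request_auth = secrets.token_bytes(16)   # authenticator of the pending request
    reply = build_reply(ACCESS_ACCEPT, 7, b"", request_auth, server_secret)
    print("matching secret  :",
          reply_is_authentic(reply, 7, request_auth, server_secret))
    print("mismatched secret:",
          reply_is_authentic(reply, 7, request_auth, typo_secret))
```

A reply that fails this check is dropped rather than answered, so a mistyped secret can look like a communication problem rather than an authentication failure.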

Concepts

Enforcing VPN client health requirements using NAP