RADIUS running on Microsoft Internet Authentication Service (IAS) does not authenticate without EAP
Originally Published: 2003-06-19
Article Number
Applies To
Microsoft Windows 2000 Server SP3
Microsoft Internet Authentication Service (IAS)
Issue
Installed RSA ACE/Agent 5.5 on Windows 2000. User is authenticating from a Cisco PIX firewall. RADIUS running on IAS receives the request, but does not forward to ACE/Server. ACE/Server log monitor does not show any errors.
Resolution
1. On Windows 2000, Microsoft IAS works only using EAP. The RADIUS running on IAS does not have the ability to proxy or forward the request using the Agent .DLL files. The end user machine must have EAP client installed.
For more information on configuring EAP on a Microsoft IAS server, please see the solution titled Installing RSA ACE/Agent 5.5 on Microsoft Internet Authentication Service (IAS) server.
2. Microsoft IAS RADIUS running on .NET server can forward the request to RSA ACE/Server using the Agent 5.0 .DLL's, and does not require to use EAP. Authentication request may come from any RADIUS client. RSA ACE/Agent 5.5 should be installed on a Microsoft IAS server.
NOTE: You can configure IAS in Windows Server 2003 Standard Edition with a maximum of 50 RADIUS clients and a maximum of 2 remote RADIUS server groups. You can define a RADIUS client using a fully-qualified domain name or an IP address, but you cannot define groups of RADIUS clients by specifying an IP address range. If the fully-qualified domain name of a RADIUS client resolves to multiple IP addresses, the IAS server uses the first IP address returned in the DNS query. However, with IAS in Windows Server 2003 Enterprise Edition and Windows Server 2003 Datacenter Edition, you can configure an unlimited number of RADIUS clients and remote RADIUS server groups. In addition, you can configure RADIUS clients by specifying an IP address range.
Related Articles
RSA Validation Manager services not starting Number of Views RSA Authentication Manager 8.1 SP1 Patch 4 Web Tier error message "LookupError: unknown encoding 'euc-jp-linux'" in Japane… Number of Views WSDL Error when trying to deploy RSA Identity Governance and Lifecycle 7.0.x on a WebSphere application server Number of Views Agent 7.X for IIS 7.5 on Windows 2008 for SecurID: AUTHN_METHOD_FAILED when trying to authenticate Number of Views Web tier does not come back online after upgrade to Authentication Manager 8.1 SP1 Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU RSA Authentication Manager Patch Updates How to manipulate imported RSA SecurID Software Token(s) on an iPhone or iPad device Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
