Appendix C. Configuring the RADIUS server
This appendix describes the necessary steps to configure a RADIUS server in order to be able to use
remote authentication on the ASMI G4 module. This is shown for a Windows 2003 Server Standard
Edition system with Active Directory enabled.
Prerequisites
1. Please check if Active Directory is enabled. If not, got to Start -> Run and type "dcpromo" to
enable Active Directory function. Follow the instructions to enable AD.
2. Make sure Internet Authentication Service is installed, enabled and registered to Active Directory.
•
To install Internet Authentication Service (IAS), go to Start -> Control Panel -> Add or
Remove Programs -> Add/Remove Windows Components. Select Networking Services by
double click on it. Tick Internet Authentication Service and then click OK. Then Click Next to
install IAS.
•
To register IAS to Active Directory, go to Start -> Administrative Tools -> Internet
Authentication Service. Then right click on Internet Authentication Service (Local), select
Register Server in Active Directory.
3. Create a Windows user group which will hold all users that are allowed to login to the ASMI
module. You can allow/deny login for a user just by adding/removing him/her to/from this group.
For this group there will be a custom remote access policy configured later on.
Groups can be maintained by the Active Directory Users and Groups tool: Start -> Administrative
Tools -> Active Directory Users and Computers -> Users.
4. Create all users to be authenticated from ASMI G4. Make sure Remote Access Permission (Dial-in
or VPN) access is set to Allow access where default is Deny access. To check, double click on user
an select the Dial-in tabulator.
Make all users member of the above group.
Add and configure a RADIUS client
This step is necessary to give the RADIUS server some information about the client (ASMI module) and
define a password phrase.
Go to Start -> Administrator Tools -> Internet Authentication Service. Right click on RADIUS
Clients and select New RADIUS Client.
Type a friendly name for this client. In this example, "ASMI at Server3" is used. And type the IP address
of the ASMI module that will be used as RADIUS client. In this example "192.168.1.198" is used. Select
Next after this is done.
93