0

I'm no RADIUS expert. But my understanding is that RADIUS can use Active Directory as a 'realm' to authenticate.

This got me thinking - We have 3 separate clients in one building, and we manage the infrastructure. It would be sweet if we could have one entrance point back into the network for VPN access to all domains.

Two of our clients use windows 2003, setting up a trust between those two domains is no problem - but of course, SBS is a *@"#~ when it comes to working with other domains.

Then I thought of RADIUS. If I set up each domain as a 'realm' then I can change PPTP to be authenticated against a local RADIUS server, (which I am yet to build!), which also introduces the possibility of using it for our internal wifi spots too.

Am I chasing a red herring here, or can RADIUS make a difference for me?

Thank you for your time.

Mister IT Guru
  • 1,178
  • 3
  • 15
  • 35

1 Answers1

1

I setup RADIUS (IAS 2003) to bridge 2 domains in the past during a migration, so our users could still roam from one location to another with their laptops and still authenticate via wifi back to their respective home domain. You can do some cool stuff.

You'll need some way for the clients to send which realm they are a part of, which probably comes over in the PPTP domain\username as domain - never used pptp authenticating against RADIUS. As for wifi in the future, it depends on how configurable your equipment is when you are doing funky stuff with a few different domains.

I would say it's possible, it will definitely take some testing, but you should be on the right track. Put it in a lab and have a go. If nothing else, you will become a RADIUS expert. :)

Matt
  • 1,903
  • 13
  • 12
  • I got a Virtual Lab just for that reason :) Thank you for the advice - Moral of the story, sometimes experience is the only teacher hehe! Thanks Matt - Will take your advice. – Mister IT Guru Sep 30 '10 at 10:33