[AusNOG] Radiator vs FreeRADIUS

Chris Lee chris at datachaos.com.au
Tue May 20 13:33:47 EST 2014


On Mon, May 19, 2014 at 7:58 PM, Paul Gear <ausnog at libertysys.com.au> wrote:

> I'm also told that the Windows RADIUS server is pretty decent under 2008
> R2 & later, so if you've got Windows already you might want to see if it
> does the job for you.
>
>
Just beware of the 50 RADIUS client limit in standard editions of Windows
Server.

I started migration into Server 2008 R2 with Network Policy Server
installed, got to RADIUS client number 50 and couldn't add any more! The
server that had been run up for me by the sysadmins was only Standard
edition and so heavily restricted to what you can do with NPS on it.

Luckily we're already licenced for data centre edition so worked out for
the best since I now have a Windows 2012 datacentre edition and was able to
export and import my RADIUS clients from the 2008 server and keep adding
past 50 clients.

So far so good and pretty happy with NPS as RADIUS server, our ASA
firewalls didn't like the previous FreeRADIUS server (a kludgy port running
in Windows) for some reason occasionally refusing to authenticate, whereas
the new Windows server works with the ASA's without a problem, only slight
glitch I've seen so far is that the RADIUS "Reply-Message" attribute is
printed twice when you login, not sure if this is a bug in the ASA's
handling of those messages as all our other switches just show the reply
message once.

Cheers,
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140520/c655f83e/attachment.html>


More information about the AusNOG mailing list