Home > Cisco, Windows > Set Up Windows 2003 IAS Server with RADIUS Authentication for Cisco Router Logins

Set Up Windows 2003 IAS Server with RADIUS Authentication for Cisco Router Logins

As a companion to my article RADIUS Authentication for Cisco Router Logins, this post will discuss the configuration of a Windows 2003 R2 server for Cisco router logins using RADIUS authentication.  In my example I will install the Internet Authentication Service to support RADIUS on a Windows 2003 R2 domain controller and give router login access to an Active Directory domain user.

Configure User(s) for RADIUS Authentication on Windows Server 2003 R2

First Go into Start > Admin Tools > Active Directory Users and Computers.  Optionally you can create a new group and add users to it that you want to grant router login access.  In this example I will grant access to the existing Domain Admins user group.

Now double click a user account that you want to provide router login capability.  I will use the Administrator account.

In the user properties dialog click the Dial-in tab, then make sure that Remote Access Permission is set to “Allow access”.  You can also set this to “Control access through Remote Access Policy”, this should work with the policy settings we’ll specify later.  Click OK.

Install Windows 2003 IAS/RADIUS Service

Go to Start > Control Panel > Add or Remove Programs.

On the left click Add/Remove Windows Components.

Scroll down and highlight Networking Services, then click Details.

Place a check mark next to Internet Authentication Service, then click OK.

Click Next.  Click Finish at the install confirmation window.

Configure Windows 2003 IAS/RADIUS Service for Cisco Router Logins

Now let’s configure the policies to allow our Cisco router to make authentications against this IAS/RADIUS server.  Go to Start > Admin Tools > Internet Authentication Service.

In the left pane tree right click Remote Access Policies and choose New Remote Access Policy from the menu.

Select “Set up a custom policy” and type a name for your Cisco router policy.  Click Next.

Click Add in the Policy Conditions.

Highlight the Windows Groups attribute type and click Add.


Pages: 1 2 3

Categories: Cisco, Windows Tags: ,
  1. Shaun
    August 27, 2010 at 9:56 pm

    Again. For my 2k3 box. You are amazing! Thank you!

  2. Mario
    July 26, 2011 at 4:01 am

    very cool article…. very well put together.

  3. azeem
    May 23, 2012 at 10:00 am

    this is article very nice & help ful and thnkzz ku”……….from asim
    & lala azeem

  4. DDA
    August 1, 2012 at 3:18 pm

    I am running and Endian firewall and can’t get radius authentication to work. I know it is very similar to this procedure, can you help?

  5. November 24, 2012 at 1:06 pm

    Nice article.. Let me try this on a Windows 2003 Server. Thak you very much

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: