SMS2 1 – Building The Radius Servers
This section of the documentation provides the steps required to build and configure the two Radius Servers used for this article.
The Radius Servers used for this environment were built using the Network Policy Server Role available as part of a Windows 2008 R2 Standard Edition Server installation.
The following subsections provide the steps which were performed on both Radius Servers used in this set of articles.
Installing The Network Policy and Access Services Role
The first step is to install the Network Policy and Access Control Role by performing the following steps :-
- Logon to the server as an Administrative Account in the Domain
- Open the Server Manager and then click on Roles in the Left Hand Pane
- Click on the Add Roles button on the Right Hand Side
- When prompted, select the Network Policy and Access Services Role and then click on Next to continue
- When prompted, select the Network Policy Server Role Service only and then click on Next to continue
- When prompted, click on Install to install the new Role
- Once completed, click on Finish and then close the Server Manager console
Configuring The Network Policy Server
The next step is to configure the Network Policy by performing the following steps :-
- Open the Network Policy Server console
- Expand the Policies branch in the Left Hand Pane
- Click on the Network Policies section and then Double Click on theConnections to other access servers policy
- Change the Access Permission to Grant access. Grant access if the connection request matches this policy
- Click on Apply and then OK to enable the policy
Configuring The Radius Clients
The next step is to configure the two Citrix NetScalers in the HA Pair as Radius Clients by performing the following steps :-
- Expand the RADIUS Clients and Servers branch in the Left Hand Pane
- Right Click on the RADIUS Clients section and select New
- When prompted, provide a Friendly Name for the Radius Client
- Configure the Address (IP or DNS) option as the NetScaler NSIP IP Address
- Set a Manual Shared Secret and confirm this in the Confirm shared secret option
- Click on OK to add the new Radius Client.
Perform the steps above to add the second Citrix NetScaler as a Radius Client remembering to use it’s NSIP IP Address.
In order to build the second Radius Server in the solution perform the steps above in all three subsections.