Internet Authentication Services Part III

In a previous article, I discussed Internet Authentication Services (IAS) as a solution for centralizing remote access authentication and accounting. Now that you are familiar with what IAS is designed for, let’s take a look at how you can install IAS in Windows Server 2003.

Internet Authentication Service can be installed using the Add or Remove Programs applet found within the Control Panel. You can install the software using the steps that are listed below:

  1. Click Start, point to Control Panel, and select Add or Remove Programs.
  2. Click Add/Remove Windows Components.
  3. From the list of Windows Components, click Net working Services and then click the Details button.
  4. From the list of networking services subcomponents, select Internet Authentication Service.
  5. Click OK.
  6. Click Finish.

After you have successfully installed this component, an applet will be added to the Administrative Tools submenu. You can use the Internet Authentication Services console to manage your IAS server. One thing you must do is add your remote access server as RADIUS clients. You can perform this using the procedure outlined below.

  1. Click Start, point to Administrative Tools, and click Internet Authentication Service.
  2. Right click RADIUS clients and select New RADIUS Client. This launches the New RADIUS Client wizard.
  3. Type in a friendly name for the client. Also specify the IP address or DNS name of the remote access server that will be a RADIUS client. Click Next.
  4. Specify any additional information and Click OK.
  5. The new RADIUS client will appear within the RADIUS Clients container.

If you are using IAS, you will also need to configure your remote access servers as RADIUS clients. This is a straightforward procedure that can be completed through the Routing and Remote Access console.

  1. Right click your remote access server within the Routing and Remote Access console and click Properties.
  2. From the Properties window select the Security tab and change the Authentication provider to RADIUS Authentication.
  3. Click the Configure button.
  4. From the RADIUS Authentication window click Add.
  5. Type in the name or IP address of the server running IAS. Click OK.
  6. Click OK again.
  7. From the Security tab, change the Accounting provider to RADIUS Accounting.
  8. Repeat the process outlined on step 5 to specify the server running IAS that will maintain the accounting information for the remote access server.