Information Technology Reference
In-Depth Information
FIGURE 4-4 The Verify Address dialog box
Click OK to return to the New RADIUS Client dialog box.
8.
In the Shared Secret section of the New Radius Client dialog box, select Manual to type
in a manual shared secret. Or select Generate and then click Generate to generate a
very long, random shared secret.
9.
NOTE
LONG SHARED SECRETS
The shared secret generated by the wizard is longer than some RADIUS clients can support.
You can shorten it by deleting a portion and still retain the preferred randomness of the
shared secret. However, if your RADIUS client is Windows Server 2012 R2 with the Remote
Access role installed, the full length of the generated secret can be used.
10. Copy the shared secret and paste into the RADIUS client, as shown in Figure 4-5. (This
is a Windows Server 2012 R2 server with the Remote Access role installed, configured
for VPN, but there is an equivalent for any brand or type of RADIUS client.)
11. Click OK to add the RADIUS client. Click Add to add additional clients, Edit to change
the settings for a client, or Remove to remove a client from the list of supported
RADIUS clients.
12. Click Next to open the Configure Authentication Methods page shown in Figure 4-6.
The authentication methods supported are as follows:
Extensible Authentication Protocol Use this protocol to support smart cards,
Protected Extensible Authentication Protocol (PEAP), and EAP-MSCHAPv2.
Microsoft Encrypted Authentication Version 2 (MS-CHAPv2) The default; it
allows users to specify a password for authentication.
Microsoft Encrypted Authentication (MS-CHAP) Use only if you need to
support operating systems that don't support MS-CHAPv2.
 
Search WWH ::




Custom Search