Information Technology Reference
In-Depth Information
FIGURE 4-16
The Configure Settings page of the New Connection Request Policy Wizard
19.
Specify any additional settings, such as the Realm Name Attribute, click Next, and then
click Finish to complete the policy creation.
20.
You can also configure Remote RADIUS Server Groups And Accounting from the
Getting Started details pane if you need to add a new group of servers.
You can use NPS as a RADIUS proxy to build a multiple RADIUS server infrastructure. Acting
as a RADIUS proxy, NPS can forward requests to different RADIUS servers based on the
RADIUS client criteria, type of authentication or port used, or the originating or targeted IP
address of the request. Remote RADIUS servers do not need to be in a trusted domain, allow-
ing you to use NPS to service authentication requests against a RADIUS server that is not part
of the Windows domain.
Use RADIUS server groups to configure a named group that has one or more RADIUS
servers. Each member of a RADIUS server group must have a unique IP address or DNS name
that resolves to a unique IP address. You can forward authentication requests, accounting
requests, or both to each member of a remote RADIUS server group.
Using priority and weight settings for the group members in a remote RADIUS server
group enables you to do load balancing for the group. Within a group, the primary server has
a priority of 1. All members of the group with the same priority are sent RADIUS messages
in weighted order. Consider server group RADIUS1, with three members (server1, server2,
