27.12.2011 10:43:16
I'm
Posts: 5
|
Hi.
I like to use TekRadius LT as an accounting software so i need to know more about it.
For now i use Windows Server 2008 R2 x64 Std and it's user access policy service.
My clients using PEAP , EAP-MSCHAPv2 and MS-CHAPv2 for PPTP,L2TP,SSTP and IKEv2 authentication and it's work perfectly but i need to use a radius to stop them for more than one concurrent connection.
Before to know everything is TekRadius LT able to authenticate with above auth methods for those VPN platforms?
Is there any complete tutorial to read before starting to work with it?
Thanks a lot
Waiting or your answer
<em>edited by I'm on 27.12.2011</em>
|
|
|
0
• permalink
|
29.12.2011 12:08:25
I'm
Posts: 5
|
Well it seems i didn't ask my question properly.
I install it but now i cant figure this out how to connect it to server 2008 r2.
I try to add it to security tab in rras properties but when i try to connect from clients it's unable to authenticate.
|
|
|
0
• permalink
|
29.12.2011 16:23:02
Admin
Administrator
Posts: 1833
|
Hi,
Can you send TekRADIUS log entries (Accessible through File menu) after setting log level to debug at Settings / Service Parameters?
Best regards,
Yasin KAPLAN
|
|
|
0
• permalink
|
29.12.2011 18:58:35
I'm
Posts: 5
|
Sure...
12/29/2011 8:50:21 AM - TekRADIUS LT Service 4.3.0.0 is being started (Microsoft Windows NT 6.1.7600.0).
12/29/2011 8:51:46 AM - Updating periodic credit limits - Start.
12/29/2011 8:51:46 AM - Updating periodic credit limits - Stop.
12/29/2011 8:51:46 AM - TekRADIUS LT Service is listening on : 172.16.5.1 (1 client(s))
I'm pretty sure everything is wrong so i need a lot of help to make it work
|
|
|
0
• permalink
|
30.12.2011 09:29:35
I'm
Posts: 5
|
Well I think if i add more detail you can help me better and easier so i will say all thing that I've done so far.
1-Installing RRAS with it's configuration.
2-Installing Tekradius
3-Installing NPS and create a new remote RADIUS server Groups and enter 127.0.0.1 for IP address then 1812 for auth port then I check the box that says use the same shared secret for auth and acc. then I enter 1813 port for Accounting port and after all leave the box that says Forward network access server start and stop notification to this server in defaults which is checked.
4-now Tekradius configuration is
In Clients tab
Nas= 127.0.0.1
secret = test
vendor = msoft
Enabled = yes
Interim update = 0
in settings > Service Parameters
Listen IP address = 172.16.5.1
auth port = 1812
secure shutdown = not checked
startup = Manual
logging = Debug
PEAP Inner Auth. Method = EAP-MSCHAPv2
Authorization only = Not checked
Keep domain name = not checked
failure count = grayed out and 0
Add user-name to access-accept messaged = not checked
Accounting = enabled
accounting port = 1813
Authentication proxies are disabled.
5-create a use in tekradius with defaults groups and enter user-password for the user
6-Creating pptp VPN connection for client with ms-chap v2 auth method
7-trying to connect and it ask me for proper password and after three retry Error 691 comes up.
I hope you can help me and tell me what to do.
Thanks.
|
|
|
0
• permalink
|
30.12.2011 11:32:16
Admin
Administrator
Posts: 1833
|
Hi,
Change IP address of the RADIUS server to 172.16.5.1 in step 3.
|
|
|
0
• permalink
|
30.12.2011 13:55:56
I'm
Posts: 5
|
Thank you for your reply
Nothing is changed.Client is unable to connect and ask for correct password.
12/30/2011 3:33:18 AM - TekRADIUS LT Service 4.3.0.0 is being started (Microsoft Windows NT 6.1.7600.0).
12/30/2011 3:34:44 AM - Updating periodic credit limits - Start.
12/30/2011 3:34:44 AM - Updating periodic credit limits - Stop.
12/30/2011 3:34:45 AM - TekRADIUS LT Service is listening on : 172.16.5.1 (1 client(s))
So i guess the problem must be in NPS and found out that authentication and accounting is not set to forward towards tekradius so i changed it and try to connect to server but the error is now changed to 812
|
|
|
0
• permalink
|