Follow

How can I support VPN in Microsoft’s RRAS with AuthAnvil 2FA?

Configuring RRAS to support RADIUS Authentication

Step 1 - Go to the Start Menu and click on ‘Administration Tools’

Step 2 - Go to ‘Routing & Remote Access’ (RRAS)

Step 3 - Highlight the RRAS Server and right click > Properties

Step 4 - Go to the Security tab; change the Authentication Provider to RADIUS Authentication.

Step 5 - Click on the ‘Authentication Methods’ button below and ensure ‘MS-CHAP v2′ is the only one checked.

Step 6 - Click on ‘Configuration’ button to configure the RADIUS Server options.

Step 7 – Click ‘Add’ to enter the IP address and port of the AuthAnvil Radius Server; this will be the server RADIUS authentication requests are sent to.

Step 8 - Reset RRAS to accept the new configuration. To do this, follow these instructions:

  • Open a Command Prompt by clicking Start > Run and then typing ‘cmd’.
  • Type net stop remoteaccess
  • After it completes, type net start remoteaccess

Note: Be sure you have the IP of the RRAS Server added into the RADIUS Config.

 

Configuring ISA Server

If you are installing the AuthAnvil RADIUS Server for support on networks using Microsoft’s Internet and Security Acceleration Server (ISA), you will need to configure ISA to use RADIUS. The following steps will accomplish this goal.

NOTE: This configuration is required on SBS 2003 servers running ISA.

Step 1 - Start up the ISA manager and click on the ‘Virtual Private Networks’ in the main menu on the left.

Step 2 - Click on the ‘Select a RADIUS Server’ in the 2nd step of ‘Configure VPN Client Access’

Step 3 - Select the ‘RADIUS’ tab and enable the ‘Use RADIUS for authentication’ checkbox.

Step 4 - Click on the ‘RADIUS Servers…’ button to add then configure IAS for the Anvil Radius Server.

Step 5 - Click on the ‘Add’ button to start the configuration.

Step 6 - Add the local IP address, shared secret, port and time-out. Ensuring you use the secret and port you designated in RRAS. Click on ‘OK’ to apply the settings and your finished configuring ISA for Anvil RADIUS Server.

Configuring the PPTP VPN Client for Windows XP

Note: As of April 8, 2014 Windows XP is no longer being supported.

 

First you will need to ensure your VPN connection is set to require MSCHAP2. You can do so by following these steps:

Step 1 - Double click on the VPN connection and go to ‘Properties’, then ‘Options”. Ensure‘Include logon domain’ is unchecked.

Step 2 - Go to the Security tab, set the ‘‘Security Options’ to ‘Advanced’ and click the‘Settings’ button.

Step 3 – Ensure that ‘Data Encryption’ is set to ‘Require data encryption’, and that under‘Allow these protocols’, only the ‘MS-CHAP v2′ check box is enabled and click ‘OK’, then click‘OK’ again.

image_thumb7_thumb

Step 4 - Enter the username into the ‘Username’ field and the AuthAnvil passcode (PIN + OTP) into the ‘Password’ field. Click “Connect” to establish a VPN connection using strong authentication.

 

 

Configuring the PPTP VPN Client for Windows Vista/7

First you will need to ensure your VPN connection is set to require MSCHAP2. You can do so by following these steps:

Step 1 - Double click on the VPN connection and go to ‘Properties’, then ‘Options”. Ensure‘Include logon domain’ is unchecked.

Step 2 - Go to the Security tab and ensure that the ‘Type of VPN’ is set to ‘PPTP’ selected, and‘Data Encryption’ is set to ‘Require data encryption’, and that under ‘Allow these protocols’, only the ‘MS-CHAP v2′ check box is enabled and click ‘OK’.

image_thumb8_thumb

Step 3 - Enter the username into the ‘Username’ field and the AuthAnvil passcode (PIN + OTP) into the ‘Password’ field. Click “Connect” to establish a VPN connection using strong authentication.

Questions?

If you have any questions or need some help, we would be happy to assist. Open a case at help.scorpionsoft.com or send an email to support@scorpionsoft.com.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk