You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-wan/user-groups-radius.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,29 +5,29 @@ description: Learn how to configure RADIUS/NPS for user groups to assign IP addr
5
5
author: cherylmc
6
6
ms.service: virtual-wan
7
7
ms.topic: how-to
8
-
ms.date: 05/29/2023
8
+
ms.date: 07/16/2024
9
9
ms.author: cherylmc
10
10
11
11
---
12
12
# RADIUS - Configure NPS for vendor-specific attributes - P2S user groups
13
13
14
-
The following section describes how to configure Windows Server Network Policy Server (NPS) to authenticate users to respond to Access-Request messages with the Vendor Specific Attribute (VSA) used for user group support in Virtual WAN point-to-site-VPN. The following steps assume that your Network Policy Server is already registered to Active Directory. The steps may vary depending on the vendor/version of your NPS server.
14
+
The following section describes how to configure Windows Server Network Policy Server (NPS) to authenticate users to respond to Access-Request messages with the Vendor Specific Attribute (VSA) used for user group support in Virtual WAN point-to-site-VPN. The following steps assume that your Network Policy Server is already registered to Active Directory. The steps might vary depending on the vendor/version of your NPS server.
15
15
16
-
The following steps describe setting up single Network Policy on the NPS server. The NPS server will reply with the specified VSA for all users who match this policy, and the value of this VSA can be used on your point-to-site VPN gateway in Virtual WAN.
16
+
The following steps describe setting up single Network Policy on the NPS server. The NPS server replies with the specified VSA for all users who match this policy, and the value of this VSA can be used on your point-to-site VPN gateway in Virtual WAN.
17
17
18
18
## Configure
19
19
20
20
1. Open the **Network Policy Server** management console, and right click **Network Policies -> New** to create a new Network Policy.
21
21
22
22
:::image type="content" source="./media/user-groups-radius/network-policy-server.png" alt-text="Screenshot of new network policy." lightbox="./media/user-groups-radius/network-policy-server.png":::
23
23
24
-
1. In the wizard, select **Access granted** to ensure your RADIUS server can send Access-Accept messages after authentication users. Then, click **Next**.
24
+
1. In the wizard, select **Access granted** to ensure your RADIUS server can send Access-Accept messages after authenticating users. Then, click **Next**.
25
25
26
26
1. Name the policy and select **Remote Access Server (VPN-Dial up)** as the network access server type. Then, click **Next**.
27
27
28
28
:::image type="content" source="./media/user-groups-radius/policy-name.png" alt-text="Screenshot of policy name field." lightbox="./media/user-groups-radius/policy-name.png":::
29
29
30
-
1. On the **Specify Conditions** page, click **Add** to select a condition. Then, select **User Groups** as the condition and click **Add**. You may also use other Network Policy conditions that are supported by your RADIUS server vendor.
30
+
1. On the **Specify Conditions** page, click **Add** to select a condition. Then, select **User Groups** as the condition and click **Add**. You can also use other Network Policy conditions that are supported by your RADIUS server vendor.
31
31
32
32
:::image type="content" source="./media/user-groups-radius/specify.png" alt-text="Screenshot of specifying conditions for User Groups." lightbox="./media/user-groups-radius/specify.png":::
0 commit comments