NPS for Remote RADIUS Server Groups

To configure the SafeNet Agent for NPS for Remote RADIUS Server Groups, follow the steps:

1. Open the Network Policy Server (NPS) console.

2. In the left pane, double-click RADIUS Clients and Servers, right-click Remote RADIUS Server Groups, and click New.

   1. In the Group name box, type a name for the new RADIUS server group, then click Add.

   2. In the Add RADIUS Server dialog box, under RADIUS Server, enter your previous OTP solution as a RADIUS server.

   3. Click OK to save.

   4. Ensure that you add this NPS server as a RADIUS client on the previous OTP solution.

      

      (The screen image above is from Microsoft^®, Inc. software. Trademarks are the property of their respective owners.)

3. In the left pane, under Policies, right-click Connection Request Policies, then click New.

   1. In the Policy Name box, type a name for the new policy.

   2. Create a policy that forwards connection requests to the newly created remote RADIUS server group for authentication.

   3. Click OK to save.

      

      (The screen image above is from Microsoft^®, Inc. software. Trademarks are the property of their respective owners.)

      

      (The screen image above is from Microsoft^®, Inc. software. Trademarks are the property of their respective owners.)

4. In the left pane, under Policies, right-click Network Policies, then click New.

   1. In the Policy Name box, type a friendly name for the new policy.

   2. Complete the remaining fields as appropriate.

   3. Click OK to save.

   4. Right-click the new policy, then click Edit.

   5. Click the Constraints tab and select the Unencrypted authentication (PAP, SPAP) check box.

   6. Click OK to save.

      

      (The screen image above is from Microsoft^®, Inc. software. Trademarks are the property of their respective owners.)

      

      (The screen image above is from Microsoft^®, Inc. software. Trademarks are the property of their respective owners.)

5. In the NPS server, add your local machine and your VPN appliance as RADIUS clients.

   Note

   Ensure to enable the Migration Mode. To configure Exceptions in Migration Mode, refer to Configuring Exceptions for Migration Mode.

6. Use a RADIUS client tool, such as NTRadPing, to authenticate against the local NPS. NPS should forward the request to your previous OTP solution.

   

   (The screen image above is from Microsoft^®, Inc. software. Trademarks are the property of their respective owners.)