AW: Re: Windows Radius and Privacyidea

Hi Shawn,yes you can do this. The NPS would forward the authentication request to FreeRADIUS. Freeradius would use the privacyidea auth module to get the authentication request verifies by privacyIDea. privacyidea would tell FreeRADIUS accept or reject, freeradius would tell NPS the answer and thus NPS can give the result to the SSL VPN.
There are ideas of a colleague of mine to implement an NPS plugin. This would have to be funded within a project. This might be a solution in the long run, to get rid of the FreeRADIUS.
Kind regards Cornelius

Cornelius KölbelCornelius.koelbel@netknights.it+49 151 2960 1417
NetKnights GmbHhttp://netknights.itLandgraf-Karl-Str. 19, 34131 Kassel, GermanyTel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405Geschäftsführer: Cornelius Kölbel-------- Ursprüngliche Nachricht --------
Von: Shawn shawn.wiley.ext@ullink.com
Datum: 27.07.2015 23:00 (GMT+01:00)
An: privacyidea privacyidea@googlegroups.com
Cc: @cornelinux
Betreff: Re: Windows Radius and Privacyidea

Currently NPS 2008 is being used. My immediate goal is to run a proof of concept with an SSL vpn. I read somewhere that I can proxy the NPS to an OTP server for otp generation.Does that sound like something that can be used in this scenario?
user --> SSL VPN --> Windows Radius --> proxy to OTP server to verify OTP --> ssl vpn authenticate and authorize.

On Monday, July 13, 2015 at 3:44:20 PM UTC-4, Cornelinux K wrote:Hi Shawn,

are you still talking about Microsoft IAS (2003) or Microsoft NPS (2008

+)?

At the moment there is no ready made NPS plugin.

Anyway - what is your budget?

Kind regards

Cornelius

Am Montag, den 13.07.2015, 12:17 -0700 schrieb Shawn:

Can Privacyidea communicate with Windows Radius to add OTP to network

devices which currently use windows radius to authenticate/authorize?

The scenario I am looking to test is …

External user --> VPN Device -->Windows Radius (For username and

security group)

                                        -->Privacyidea        (For

two factor authentication)

Standard model uses Freeradius where I have Windows Radius. Can I

replace FreeRadius with Windows Radius? I am trying to play nice with

Windows Radius since its already deployed but if its just not possible

I need to come up with a strong reason to move from Windows Radius to

FreeRadius.

Thanks

The information contained in or attached to this email is strictly

confidential. If you are not the intended recipient, please notify us

immediately by telephone and return the message to us.

You received this message because you are subscribed to the Google

Groups “privacyidea” group.

To unsubscribe from this group and stop receiving emails from it, send

an email to privacyidea...@googlegroups.com.

To post to this group, send email to priva...@googlegroups.com.

To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/c234ef1e-91c0-4662-82fc-73f99a14f8a4%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Cornelius Kölbel

corneliu…@netknights.it

+49 151 2960 1417

NetKnights GmbH

http://www.netknights.it

Landgraf-Karl-Str. 19, 34131 Kassel, Germany

Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405

Geschäftsführer: Cornelius Kölbel

The information contained in or attached to this email is strictly confidential. If you are not the intended recipient, please notify us immediately by telephone and return the message to us.

You received this message because you are subscribed to the Google Groups “privacyidea” group.

To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea+unsubscribe@googlegroups.com.

To post to this group, send email to privacyidea@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/bf10b7fe-195a-4bd9-b99c-cfbd4b8611eb%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.