Hi Shawn,yes you can do this. The NPS would forward the authentication request to FreeRADIUS. Freeradius would use the privacyidea auth module to get the authentication request verifies by privacyIDea. privacyidea would tell FreeRADIUS accept or reject, freeradius would tell NPS the answer and thus NPS can give the result to the SSL VPN.
There are ideas of a colleague of mine to implement an NPS plugin. This would have to be funded within a project. This might be a solution in the long run, to get rid of the FreeRADIUS.
Kind regards Cornelius
Cornelius KölbelCornelius.koelbel@netknights.it+49 151 2960 1417
NetKnights GmbHhttp://netknights.itLandgraf-Karl-Str. 19, 34131 Kassel, GermanyTel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405Geschäftsführer: Cornelius Kölbel-------- Ursprüngliche Nachricht --------
Von: Shawn shawn.wiley.ext@ullink.com
Datum: 27.07.2015 23:00 (GMT+01:00)
An: privacyidea privacyidea@googlegroups.com
Cc: @cornelinux
Betreff: Re: Windows Radius and Privacyidea
Currently NPS 2008 is being used. My immediate goal is to run a proof of concept with an SSL vpn. I read somewhere that I can proxy the NPS to an OTP server for otp generation.Does that sound like something that can be used in this scenario?
user → SSL VPN → Windows Radius → proxy to OTP server to verify OTP → ssl vpn authenticate and authorize.
On Monday, July 13, 2015 at 3:44:20 PM UTC-4, Cornelinux K wrote:Hi Shawn,
are you still talking about Microsoft IAS (2003) or Microsoft NPS (2008
+)?
At the moment there is no ready made NPS plugin.
Anyway - what is your budget?
Kind regards
Cornelius
Am Montag, den 13.07.2015, 12:17 -0700 schrieb Shawn:
Can Privacyidea communicate with Windows Radius to add OTP to network
devices which currently use windows radius to authenticate/authorize?
The scenario I am looking to test is …
External user → VPN Device -->Windows Radius (For username and
security group)
-->Privacyidea (For
two factor authentication)
Standard model uses Freeradius where I have Windows Radius. Can I
replace FreeRadius with Windows Radius? I am trying to play nice with
Windows Radius since its already deployed but if its just not possible
I need to come up with a strong reason to move from Windows Radius to
FreeRadius.
Thanks
The information contained in or attached to this email is strictly
confidential. If you are not the intended recipient, please notify us
immediately by telephone and return the message to us.
–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it
+49 151 2960 1417
NetKnights GmbH
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
The information contained in or attached to this email is strictly confidential. If you are not the intended recipient, please notify us immediately by telephone and return the message to us.
–
You received this message because you are subscribed to the Google Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/bf10b7fe-195a-4bd9-b99c-cfbd4b8611eb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.