TekRadius – A Windows Radius Server
TekRadius is a Windows radius server built on the .net platform. It natively supports IETF/Cisco/Mikrotik which is nifty. I know the first thing that pops into mind is why wouldn’t you just use the Windows radius server (IAS). To this I say because IAS requires you to create windows users to authenticate with the server. What I’m using this for is to integrate radius into standalone management systems.
If you have a hotel system, library system or other, you can use TekRadius to easily integrate those users into your Hotspot authentication system.
I say easily because they have a nice little GUI that you can manually enter information into, but they also have an easy to use CLI interface.
All we need is a little scripting to take the existing management system’s users and convert them over to TekRadius.
The only thing that seems like it should be there is the ability to pull a user list from the CLI. You have to look via the GUI to get a complete list of users. If you wanted to do some programmatic magic, you could work around this by just keeping a list of the users or perhaps hitting the SQlite DB directly.
If anyone has some specific needs for some conversion scripting, let me know, as I would be happy to integrate a solution for you 😉
hi I have a Tekradius server running on Win Server 7 SP2. Seems to be setup ok as per the config document. But I can’t get it to communicate with my ASA 5510 for VPN authentication. I really need some help with this as I want to move all users onto the Radius for secure authentication. Any and all advise/screenshots/best practice configs for both devices greatly appreciated.
regards
B
P.S.
actually, ideally I would like to have it authenticate off AD username/passwords for the VPN if that’s possible?
regards
b
@barry
If you want to auth off of AD, the windows built in radius server will be your best bet.
In windows 2003 and below it is called IAS and above it is called NPS. These need to be installed via add/remove programs.
Hi Greg,
thanks for that but my concern is around security with IAS, constant patching etc etc, hence why I had opted for the Tekradius. I don’t mind creating a new database of users on the TEKRadius server if I could get it working with the ASA.
Would you have some example configs for this?
regards
B
@barry
Security on IAS is strong. The patching that has to be done is to the windows OS itself, and since you are running windows anyway it would behoove you to just run IAS.
well that certainly gives one pause for thought.
I will look further into this.
regards
@barry
Excellent. If you get a chance, report back and let us know what you’ve found.
will do. Only thing is it’s a shame to leave the TekRadius server unused.
@barry
I would say I’m just efficient, but in all honesty it’s laziness…=) If there is a better (easier) way to do something, I’m all about it.