Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, September 7, 2016 9:28 PM
I have multiple campuses. I'd like to have a radius server at each campus that has an identical configuration. I plan to define radius groups on all my infrastructure devices and offer either server for authentication. I have a single server now, and we've had some issues with our cross campus link. I'd like to set up synchronized Radius servers, similar to the way DHCP is capable of being synchronized. Is that possible? Not really interested in hearing about proxies and such. Way too much for my needs and as I see it, doesn't solve my problem. I just want to keep this solution simple.
I have about 200 clients. I just want it to synchronize the configuration between the 2 servers. So I can avoid having to make changes on both servers. If there is no way to synchronize, I guess double editing will be my only option.
Love to hear any ideas.
All replies (5)
Thursday, September 8, 2016 7:01 AM ✅Answered
Hi,
No,there is no such solution like 'sync'.But you could use simple script, scheduled to run automatically, to replicate your RADIUS configuration to another.
First,you need these 2 commands:
To export the RADIUS configuration on the master server:
netsh nps export filename = “C:\radius\config.xml” exportPSK = YES
To import on another server:
netsh nps import filename = “\masterIP\radius\config.xml”. (Make sure to replace 'masterIP' with the IP address of your master DC.)
Next,in Windows Task Scheduler (found within Administration Tools),create a scheduled task to run the script periodically.
Check this link for more information:
Automatically sync RADIUS configuration across multiple Domain Controllers
Best Regards,
Cartman
Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Friday, September 9, 2016 3:12 AM ✅Answered
Hi,
>>When you say IP of the master DC you mean the master Radius Server, correct?
YES.
>>It shouldn't need to be a DC, should it?
NO,it shouldn't need to be a DC.
Best Regards,
Cartman
Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Thursday, September 8, 2016 1:37 PM
Thanks Cartman. That's a very acceptable solution. Perfect in fact. When you say IP of the master DC you mean the master Radius Server, correct? My existing Radius server is not a Domain Controller (at least not to my knowledge). It shouldn't need to be a DC, should it?
Friday, September 9, 2016 3:39 PM
Thanks Again. This solution is perfect for my needs.
Wednesday, September 14, 2016 7:42 AM
Hi,
You are welcome.If you have any other question,please feel free to ask here.
Best Regards,
Cartman
Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].