Re: Troubleshooting IAS as Radius server

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

---

• From: "James McIllece [MS]" <jamesmci@xxxxxxxxxxxxxxxxxxxx>
• Date: Thu, 19 Jun 2008 13:15:25 -0700

---

Jim Helfer <jhelfer@xxxxxxxxxxxxxxxx> wrote in
news:u7sAArW0IHA.5520@xxxxxxxxxxxxxxxxxxxx:

I have installed IAS on a Windows 2003 server and set it up as a
Radius server. I want to use it to use AD Authentification for my
Cisco ASA Vpn.

I setup the firewall IP as a client and register the server with AD,
no apparent problems, but I'm not sure if it's working properly. I've
set up logging, but I can't find any reference on what the log entries
mean.

Here's the latest entry:

172.16.16.4,fife,06/17/2008,15:19:09,IAS,WTWMAIL2,25,311 1 172.16.16.7
06/12/2008 18:15:44
67,4127,1,4130,WTWARCH\fife,4129,WTWARCH\fife,4154,Use Windows
authentication for all
users,4155,1,4128,Cisco-ASA,4116,0,4108,172.16.16.4,4136,3,4142,16

Where 172.16.16.4 is the IP address of the firewall
WTWMAIL2 is the name of the server running IAS
WTARCH\FIFE is the username authenticatiing
and "Cisco-ASA" is what I named the Radius client.

But I don't no how to read this.

Any assistance apreciated,

Jim

Hi Jim --

Regarding your comment, "I can't find any reference on what the log entries
mean."


Did you refer to the product Help on the computer? There are topics in the
IAS Help that tell you how to interpret log files.

They are also on the Web at:

Interpreting database-import log files
http://technet2.microsoft.com/WindowsServer/en/library/b583bb8c-f90d-4c52-
a748-7bd5c41df5641033.mspx

Interpreting IAS-formatted log files
http://technet2.microsoft.com/windowsserver/en/library/f6322ae0-fb0a-4379-
ad54-80bc62f783101033.mspx

Interpreting IAS IDs for vendor-specific attributes
http://technet2.microsoft.com/windowsserver/en/library/e6d623f5-7398-4262-
9e2a-414813ab5a7a1033.mspx


--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no rights.
.

---

• References:
  • Troubleshooting IAS as Radius server
    • From: Jim Helfer

• Prev by Date: Re: Restrict user account to mac address
• Next by Date: Re: IAS and remote DHCP server
• Previous by thread: Re: Troubleshooting IAS as Radius server
• Next by thread: Re: Restrict user account to mac address
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: IAS as a RADIUS server ... I've been using IAS in a fairly large deployment here (about 10 production ... RADIUS is a pretty secure protocol itself, so as far as security I'd ... I am in the process on implanting a RADIUS server to authenticate users ... (Focus-Microsoft) Re: VPN access using Radius to trusted domain Windows 2003 ... If you are using Windows Server 2003 IAS as your RADIUS server, ... need to do to enable it to proxy connection requests to other RADIUS ... (microsoft.public.internet.radius) Server 2003 IAS logging in SQL ... I am currently running an IAS server for Radius ... Currently the log files are configured for Local files ... setting up this configuration. ... (microsoft.public.windows.server.general) Re: WEP 128Bit und IAS ... Server läuft bereits der IAS für eine Radius-Abfrage der VPN-Clients. ... Hast Du hier beim Parameter "Client Vendor", *Cisco* ausgewählt? ... Kann der Radius Server hier via Schaltfläche den AP verifizieren? ... (microsoft.public.de.security.netzwerk.sicherheit) IAS reauthenticating ... We do not have the reauthentication value set on the ... radius server or the wireless solutions, ... different wireless vendors all using the same IAS server, ... (microsoft.public.win2000.networking)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Internet  > microsoft.public.internet.radius  > 2008-06