
How to configure Network Policy Server (NPS)?

Network Policy Server (NPS):

Network Policy Server (NPS) allows you to create and enforce organization-wide network access policies for connection request authentication and authorization.

NPS allows you to centrally configure and manage network access authentication, authorization, and accounting with the following features:

  • RADIUS server. NPS performs centralized authentication, authorization, and accounting for wireless, authenticating switch, remote access dial-up and virtual private network (VPN) connections. When you use NPS as a RADIUS server, you configure network access servers, such as wireless access points and VPN servers, as RADIUS clients in NPS. You also configure network policies that NPS uses to authorize connection requests, and you can configure RADIUS accounting so that NPS logs accounting information to log files on the local hard disk or in a Microsoft SQL Server database.
  • RADIUS proxy. When you use NPS as a RADIUS proxy, you configure connection request policies that tell the NPS which connection requests to forward to other RADIUS servers and to which RADIUS servers you want to forward connection requests. You can also configure NPS to forward accounting data to be logged by one or more computers in a remote RADIUS server group.

For configuring ADDS, follow the given instructions:

Step 1: Log in to Windows Server 2016.
Click Start.
Click Server Manager.
Navigate to Role Summary.
Click Add Roles and Features.
Select Role-based or Feature-based installation.
Navigate to the Before You Begin page and click Next.
Navigate to the Select Server Roles page.
Select Active Directory Domain Services.
Click Next.
Click Install on the Confirm Installation Selections page.
Navigate to the Installation Results page and click Close.
ADDS is installed.

Step 2: Install AD CS and NPS
To install AD CS and NPS, follow the given instructions:

Navigate to Server Manager.
Select Roles and click Add Roles.
Click Next on the Before you Begin page.
Select Active Directory Certificate Services (AD CS) and Network Policy and Access Services.
Click Next.
Click Next on the Network Policy and Access Services page.
Navigate to Role Services and select Network Policy Server.
Click Next.
Select Create a self-signed certificate for SSL encryption and click Next.
Click Next on the Introduction to Active Directory Certificate Services page.
Select Certification Authority on the Select Role Services page and click Next.
Select Enterprise on the Specify Setup Type page and click Next.
Select Root CA on the Specify CA Type page and click Next.
Select Create a new private key on the Set Up Private Key page and click Next.
Click Next on Configure Cryptography for CA.
Enter details on Configure CA Name page and click Next.
Enter the validity period on the Set Validity Period page and click Next.
Click Next on Configure Certificate Database page.
Click Next on the Web Server (IIS) page.
Click Next on the Select Role Services page.
Click Install on the Confirm Installation Selection page.
Click Close.
Now the AD CS (Active Directory Certificate Services), Web Server (IIS), and NPS are installed successfully.

Step 3: Configure NPS (Network Policy Server) and RADIUS authentication.
Click on the Start button and select Administrative tools.
Click Network Policy Server (NPS).
Select Register Server in Active Directory and click OK.
Click OK.
On the NPS (Local) page, select RADIUS server for 802.1x Wireless or Wired Connections.
Click Configure 802.1x.
Select Secure Wireless connections on the Configure 802.1x page.
Type Name and click Next.
Add RADIUS clients on the Configure 802.1x page and click Next.
Type the following details on the New RADIUS Client page:
  • Name
  • IP Address
  • Shared Secret (Manual)
Click OK and click Next.
Select Microsoft Protected EAP (PEAP) on the Configure 802.1x page.
Click Configure.
Select Secured password on the Edit Protected EAP Properties page and click Edit.
Enter the Number of authentication retries, click OK, and then click Next.
Select Groups and click Next.
Click Next again and click Finish.
Restart NPS again.
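
Step 3 registers each access point or VPN server as a RADIUS client with a manually entered shared secret, so the strength and uniqueness of those secrets is worth checking once the clients exist. The PowerShell audit below is an added example, not part of the original article; the 22-character minimum, the three-character-class rule and the sample client entries are assumptions, and it reads the live configuration with the NPS module's Get-NpsRadiusClient cmdlet only when that cmdlet is present.

```powershell
# Added example: audit RADIUS client entries for weak or reused shared secrets.
# Test-RadiusClient is a hypothetical helper name; thresholds are assumed policy values.
function Test-RadiusClient {
    param([object[]]$Client, [int]$MinSecretLength = 22)
    if (-not $Client) { return }

    # Names of clients whose secret is also configured on another client.
    # -CaseSensitive matters: 'Abc' and 'abc' are different secrets.
    $reused = $Client | Group-Object -Property SharedSecret -CaseSensitive |
        Where-Object Count -gt 1 | ForEach-Object { $_.Group.Name }

    foreach ($c in $Client) {
        $findings = @()
        $secret   = [string]$c.SharedSecret

        if ($secret.Length -lt $MinSecretLength) {
            $findings += "secret shorter than $MinSecretLength characters"
        }
        # Count which of lower, upper, digit and symbol classes appear in the secret.
        $classes = @('[a-z]', '[A-Z]', '[0-9]', '[^a-zA-Z0-9]') |
            Where-Object { $secret -cmatch $_ }
        if (@($classes).Count -lt 3) { $findings += 'fewer than 3 character classes' }
        if ($reused -contains $c.Name) { $findings += 'secret shared with another client' }
        if (-not $c.AuthAttributeRequired) { $findings += 'Message-Authenticator not required' }
        if ($c.Address -match '/') { $findings += 'address is a range, not a single device' }

        [pscustomobject]@{
            Name     = $c.Name
            Address  = $c.Address
            Findings = if ($findings) { $findings -join '; ' } else { 'none' }
        }
    }
}

# Constructed sample entries, shaped like Get-NpsRadiusClient output.
$sample = @(
    [pscustomobject]@{ Name = 'AP-Floor1'; Address = '10.0.10.5'; SharedSecret = 'radius123'; AuthAttributeRequired = $false }
    [pscustomobject]@{ Name = 'AP-Floor2'; Address = '10.0.10.6'; SharedSecret = 'radius123'; AuthAttributeRequired = $false }
    [pscustomobject]@{ Name = 'VPN-GW'; Address = '10.0.20.0/24'; SharedSecret = 'k7#Qw9!xTz2@Lm5$Rp8&Vb3^'; AuthAttributeRequired = $true }
)

# On an NPS server audit the live clients; anywhere else fall back to the sample.
$clients = if (Get-Command Get-NpsRadiusClient -ErrorAction SilentlyContinue) {
    Get-NpsRadiusClient
} else { $sample }
Test-RadiusClient -Client $clients | Format-Table -AutoSize -Wrap
```

With the sample data, both access points are flagged for a short, low-variety, reused secret and a missing Message-Authenticator requirement, and VPN-GW is flagged only because its entry covers a whole subnet.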

Step 4: Define Network Policies for users/devices.
Follow the given steps to define the network policies.

Navigate to the NPS console and click NPS (local).
Click and expand Policies.
Select Network Policies.
Click New.
Enter a Policy Name.
Set the Type of Network Access Server to Unspecified while using Netscaler or RCdevs OpenLDAP while using OTP.
Click Add in Specify Conditions.
Select Windows Groups and click Add.
Click Add Groups and click OK.
Select NAS Identifier in Select Conditions.
Enter a Name and select Next to continue.
Select Access Granted in Specify Access Permission.
Under Configure Authentication Method, select MS-CHAP v2 for maximum security.
Click Next.
Select RADIUS attributes as Standard in Configure Settings.
Click Add.
Enter the attribute value in String and click OK.
Click Next and click Finish.
You can use the Network Policy Wizard to create and add new conditions, constraints, and settings to the network policies.

Set up Zero Clients, and Select 802.1x Authentication
Navigate to the Control panel and open the Network and Sharing center.
Click Change adapter settings.
Select Local Area Connection and click Properties.
Select Authentication and click Enable IEEE 802.1x authentication.
Select the desired protocol from the dropdown list.

Step 5: Configure Wireless Connection Request
Navigate to the Control panel and open the Network and Sharing center.
Click Manage Wireless Networks.
Select Manually Create a network profile.
Enter your SSID in Network Name and click Next.
Click Change Connection settings.
Select Security and click Settings.
Select the Trusted Root CA and click OK.
Navigate to Advanced Settings.
Select Specify Authentication Mode and click OK.

 

 

 
