By Mike Mullins
For Windows, Internet Authentication Service (IAS) is the Microsoft implementation of a RADIUS server.
To install IAS, follow these steps:
After the installation completes, you'll have a new link under Administrative Tools for Internet Authentication Service. Next, you'll need to configure a client for each device and define a remote access policy to control access.
Configure an IAS client
Client configuration is simple and straightforward. Follow these steps:
Define a remote access policy
To control access to the device, you must define a policy. Follow these steps.
To complete the policy, you must configure a profile for the RADIUS client. In this example, we'll use a Cisco router. Follow these steps:
This completes your configuration. When you Telnet to your network device using RADIUS authentication, your domain account will authenticate you and grant you exec level privileges.
After configuring your router and RADIUS server, you'll no longer need to depend on locally stored passwords on your network devices.
RADIUS authentication isn't the most secure method of access control. However, it's free, and it's a good step toward securing access to your network devices.
I don't recommend using Telnet as a means of accessing your network devices. Telnet passes all of this traffic using clear text, and anyone sniffing your connection can easily read it.
Mike Mullins has served as a database administrator and assistant network administrator for the U.S. Secret Service. He is a Network Security Administrator for the Defense Information Systems Agency.