Configure the Network Access Server

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

Use this procedure to configure network access servers for use with NPS. When you deploy network access servers (NASs) as RADIUS clients, you must configure the clients to communicate with the NPS servers where the NASs are configured as clients.

This procedure provides general guidelines about the settings you should use to configure your NASs; for specific instructions on how to configure the device you are deploying on your network, see your NAS product documentation.

Administrative credentials

To complete this procedure, you must be a member of the Administrators group.

To configure the network access server

  1. On the NAS, in RADIUS settings, select RADIUS authentication on User Datagram Protocol (UDP) port 1812 and RADIUS accounting on UDP port 1813.

  2. In Authentication server or RADIUS server, specify your NPS server by IP address or fully qualified domain name (FQDN), depending on the requirements of the NAS.

  3. In Secret or Shared secret, type a strong password. When you configure the NAS as a RADIUS client in NPS, you will use the same password, so do not forget it.

  4. If you are using PEAP or EAP as an authentication method, configure the NAS to use EAP authentication.

  5. If you are configuring a wireless access point, in SSID, specify a Service Set Identifier (SSID), which is an alphanumeric string that serves as the network name. This name is broadcast by access points to wireless clients and is visible to users at your wireless fidelity (Wi-Fi) hotspots.

  6. If you are configuring a wireless access point, in 802.1X and WEP, enable IEEE 802.1X authentication if you want to deploy PEAP-MS-CHAP v2, PEAP-TLS, or EAP-TLS.