The RADIUS authentication process in ISA Server 2006 and ISA Server 2004 (884492)

INTRODUCTION

This article discusses Remote Authentication Dial-In User Service (RADIUS) authentication in Microsoft Internet Security and Acceleration (ISA) Server 2006 and ISA Server 2004.

MORE INFORMATION

RADIUS authentication is useful when ISA Server is installed in workgroup mode. RADIUS servers do not require domain membership of RADIUS clients. The ISA Server computer acts as a RADIUS client from which authentication requests originate. ISA Server passes information about a user to a designated RADIUS server and then acts on the response that the RADIUS server returns. Transactions between the ISA Server computer and the RADIUS server are authenticated by a shared secret. The shared secret is never sent over the network.

RADIUS servers authenticate the following requests:

Incoming remote client virtual private network (VPN) requests to ISA Server
Outgoing requests from internal clients
Requests from external clients in publishing scenarios

REFERENCES

For more information about how to use RADIUS authentication for ISA Server 2006, visit the following Microsoft Web site:

http://www.microsoft.com/technet/isa/2006/authentication.mspx

For more information about how to use RADIUS authentication for ISA Server 2004 VPN remote client connections, visit the following Microsoft Web site:

http://go.microsoft.com/fwlink/?LinkId=61367

For more information about Outlook Web Access server publishing in ISA Server 2004 by using RADIUS and Forms-based client authentication, visit the following Microsoft Web site:

http://go.microsoft.com/fwlink/?LinkID=60381