Server 2003 RADIUS - Not Passing DNS Server Address

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am trying to configure a Windows Server 2003 RADIUS IAS Server that
authenticates users through a Service providers RADIUS proxy.

The issue is that once the connection is established I do not get any DNS
Server IP Addresses assigned. I am therefore am only able to ping Internal
servers via their IP address.

Please advise how to setup the RADIUS server to assign DNS Server Addresses.

I have been advised by the Service Provider that I may need to add RADIUS
attributes 135, 136, & 137. But I cannot find these attributes to add.

Thanks for your help in advance.
 
Even though you can do this through the DHCP lease you get or the DNS config
on the RRAS server, I will explain how to do it from IAS as well
in IAS you will need to add a Vendor Specific Attribute (VSA) to do this,
you go to the policy-profile-Edit profile-Advanced-Select Vendor Specific
click Add
In the next UI Click Add again, select Microsoft from the list, Select
"Yes, It conforms" then click Configure Attribute
In the next UI
in Vendor Assigned attribute number select 28 for Primary-DNS and 29 for
Secondary-DNS
Then select InetAddr and enter the IP address below
Repeat for secondary DNS server

HTH
 
RRAS does not necessarily use all the possible settings in IAS.

Check out this article on how to override the name servers:

http://support.microsoft.com/?kbid=842575

A RAS client normally receives the name servers in an IPCP packet during PPP
address assignment. The server gets the WINS and DNS server IP's by copying
the settings from a specific adapter (the one from which you assign for DHCP
addresses in the RRAS server properties).

After a client logs on, it sends a DHCP-Inform packet to request additional
options and these can be returned from a DHCP server using specific scope
options (if a DHCP relay agent is configured on the RRAS box).

The page below is kind of long, but it walks you through some settings:

http://www.isaserver.org/pages/article_p.asp?id=1066

The VPN site at microsoft has a ton of information, too.

http://www.microsoft.com/windowsserver2003/technologies/networking/vpn/default.mspx
 
Back
Top