Microsoft KB Archive/884492

= The RADIUS authentication process in ISA Server 2006 and ISA Server 2004 =

Article ID: 884492

Article Last Modified on 12/4/2007

-

APPLIES TO


 * Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
 * Microsoft Internet Security and Acceleration Server 2006 Standard Edition
 * Microsoft Internet Security and Acceleration Server 2004 Standard Edition
 * Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition

-





INTRODUCTION
This article discusses Remote Authentication Dial-In User Service (RADIUS) authentication in Microsoft Internet Security and Acceleration (ISA) Server 2006 and ISA Server 2004.



MORE INFORMATION
RADIUS authentication is useful when ISA Server is installed in workgroup mode. RADIUS servers do not require domain membership of RADIUS clients. The ISA Server computer acts as a RADIUS client from which authentication requests originate. ISA Server passes information about a user to a designated RADIUS server and then acts on the response that the RADIUS server returns. Transactions between the ISA Server computer and the RADIUS server are authenticated by a shared secret. The shared secret is never sent over the network.

RADIUS servers authenticate the following requests:
 * Incoming remote client virtual private network (VPN) requests to ISA Server
 * Outgoing requests from internal clients
 * Requests from external clients in publishing scenarios

