Lock Down Your Windows Server Security Needs With TekRADIUS Page 2

By Eric Geier (Send Email)
Posted Apr 29, 2011


TekRADIUS Features

TekRADIUS' key features are:

  • Optional authentication-only and authorization-only modes
  • Customizable authentication and accounting ports
  • TekCERT program generates self-signed server or client certificates for PEAP/EAP-TLS
  • Customizable RADIUS dictionary
  • Modification of authorization query strings
  • Authentication of users against Windows Domain or Active Directory
  • Optional command-line utility for adding, deleting and editing users
  • Configurable expiration date (Expire-Date), time quota (Time-Limit) and allowed logon days/hours (Login-Time) for users
  • Reporting interface for browsing accounting records
  • Modification mapping of RADIUS accounting attributes to accounting table fields

Key functionality includes the ability to:

  • Limit the number of simultaneous user sessions
  • Disable a user after a given number of unsuccessful login attempts
  • Disconnect users with Packet of Disconnect (Pod) or predefined kill command
  • Log system messages, errors and session information

While reviewing the features, we didn't find any server replication functionality for keeping a backup server in sync. Also lacking is remote administration. You must configure and manage the main settings via the GUI on the local machine (or do Remote Desktop). Additionally, database support is limited to Microsoft SQL.

TekRADIUS Installation and Configuration

Before installing TekRADIUS, you must install the SQL server and the Microsoft.NET Framework v4.0 Client Profile. After that, the installation of TekRADIUS is rather painless via a setup file.

To get started, open the TekRADIUS Manager and reference the Installation & Configuration Manual. The manual takes you through the initial configuration of the SQL server connection and database creation. It also shows how to configure the general server settings, RADIUS clients, users and the other settings and features.

The manual is written to be very clear and understandable by IT staff familiar with RADIUS servers. It even helps with other tasks, such as creating certificates and configuring Windows for PEAP or EAP-TLS. It also covers using the TekRADIUS Command Line Interface (TRCLI.exe) and troubleshooting via TekRADIUS log files and Application Logs of Windows Event Viewer.

Even more documentation is available on the website.

Final Thoughts

We didn't have any issues during testing, using TekRADIUS for 802.1X authentication to secure our wireless network with the Enterprise mode of Wi-Fi Protected Access 2 (WPA2) security. The manual and GUI were simple and straightforward. The GUI might not be as attractive as it could be, but it gets the job done.

Although it lacks a various features found in other RADIUS servers, we recommend TekRADIUS for most AAA needs. It's comparable to other commercial products, such as Elektron RADIUS Server ($750 after 30-day trial) and ClearBox RADIUS Server ($599 after 30-day trial), but it does lack some of the database capabilities and advanced functionality. But again TekRADIUS is free, or much less expensive.

TekRADIUS Details

Price: Freeware or $149 for paid version
Pros: Pricing; great documentation; GUI-based
Cons: Lacking remote administration and server replication

Eric Geier is the founder of NoWiresSecurity, which helps businesses easily protect their Wi-Fi networks with the Enterprise mode of WPA/WPA2 security by offering a hosted RADIUS/802.1X service. He is also a freelance tech writer--become a Twitter follower or use the RSS Feed to keep up with his writings.

Follow ServerWatch on Twitter

Page 2 of 2


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.