• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Radius Request per-request

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Installation >> Radius Request per-request Page: [1]
Message << Older Topic   Newer Topic >>
Radius Request per-request - 30.May2006 9:48:00 PM   


Posts: 1
Joined: 29.May2006
Status: offline
I have installed i new ISA 2004 SP2 server for Web Proxy with RADIUS authentication for the users.
I see that the server send RADIUS authentication for each request.

I have found that that we can change SingleRadiusServerAuthPerSession entry for the WebListener, in my case I mean the Internal network object. For this thing I have write  script (see below) that change the value from Flase to True for the fpcInternalNetwork object.

After the change and the reboot of the server nothing change and the server contnue to generate high rate RADIUS request to the RADIUS Server.

Something wrong ?

Some Idea, because I mean I'm not the only how have this problem ?

' Declare the other objects needed.
Dim root           ' The FPCLib.FPC root object
Dim isaArray       ' An FPCArray object
Dim listener       ' An FPCNetwork object
Dim currentValue   ' A Boolean
' Pass WebListener to change.
Set Args = WScript.Arguments
NewValue = Args(0)
WScript.Echo "New Value " & NewValue
' Create the root object.
Set root = CreateObject("FPC.Root")
' Get references to the array object
' and the Web listener object.
Set isaArray = root.GetContainingArray()
Set networks = isaArray.NetworkConfiguration.Networks
For Each network In networks
'WScript.Echo "Network ID "& network
If network.NetworkType = 4 Then '4 = fpcInternalNetwork
 CurrentValue = network.WebListenerProperties.SingleRadiusServerAuthPerSession
 WScript.Echo "Network: " & network.NetworkType
 WScript.Echo "Current value: " & CurrentValue
 If NewValue <> CurrentValue Then
  network.WebListenerProperties.SingleRadiusServerAuthPerSession = NewValue
  WScript.Echo "New value: " & network.WebListenerProperties.SingleRadiusServerAuthPerSession
 End If
End If
Post #: 1
RE: Radius Request per-request - 31.May2006 6:05:09 AM   


Posts: 43
Joined: 28.Nov.2005
Status: offline
Hello HSchlect:


Also, even if ISA is not authenticating with every HTTP verb sent, it's still authenticating with every new TCP session to the Web Listener for the relevant Network object.  It could be that users/apps are opening and closing TCP sessions at a high rate, causing a high rate of RADIUS authentications.  Performance Monitor or some packet sniffing should help to settle that question.

Hope this helps!

(in reply to hschlecht)
Post #: 2
RE: Radius Request per-request - 1.Jun.2006 5:45:49 PM   


Posts: 15
Joined: 1.Oct.2004
From: Reading, UK
Status: offline
Hi HSchlect

I am also having this problem.  We are trying to authenticate with a 'one time password' solution which uses RADIUS, multiple logon prompts are therefore a major problem.

I am publishing OWA.  Having used the 'SingleRadiusServerAuthPerSession' script the number of logon prompts is greatly reduced but it's still unusable.

There doesn't seem to be a solution anywhere for this problem, despite this being a relatively common and straight-forward configuration (I would have thought).  Incidently, I have done some testing with ISA2006 and the 'RADIUS OTP' function - it doesn't help!

(in reply to hschlecht)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Installation >> Radius Request per-request Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts