In the lab exercise, I have used the network policy server to setup the Radius clients for implementing a network policy server. During the setup process, I have come across several step, one of them are selecting the authentication methods. As the default setting of the authentication method are extensible authentication protocol (EAP)and Microsoft encrypted authentication version 2 (MS-CHAP V2). EAP is frequently used in point to point connection which provide some common functions and negotiation for authentication and able to support multiple authentication. MS-CHAP is a challenge-Handshake authentication, it also supports point to point protocol.
The security policy used in the lab is custom policy which specify the condition of a windows groups condition which should be belong to one of the specific groups. The group I have defined as the condition is PRACTICELABS\GlobalIT, and there is pre-defined policy already exited in the network policies. I have disabled the pre-exited policy so the only enabled policy is the one I have defined.
For the accounting configuration, I have changed the log file format as IAS(Legacy) which is stand for Internet Authentication Service. It is specially design for (RADIUS) server and proxy by micorsoft.
Also changed the new log file created in daily. Internet Authentication Service (IAS) is the Microsoft implementation of a Remote Authentication Dial-in User Service (RADIUS) server and proxy.
Albert's blog 