Your company is a hosting provider that provides cloud-based services to multiple customers.
Each customer has its own Active Directory forest located in your company’s datacenter.
You plan to provide VPN access to each customer. The VPN solution will use RADIUS for authentication
services and accounting services.
You need to recommend a solution to forward authentication and accounting messages from the
perimeter network to the Active Directory forest of each customer.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A.
One RADIUS proxy for each customer and Active Directory Federation Services (AD FS)
B.
A RADIUS server for each customer and one RADIUS proxy
C.
One RADIUS proxy and one Active Directory Lightweight Directory Services (AD LDS) instance for each
customer
D.
A RADIUS server for each customer and a RADIUS proxy for each customer
Explanation:
One RADIUS proxy and several RADIUS servers.
You want to provide RADIUS authentication and authorization for outsourced service providers and
minimize intranet firewall configuration. An intranet firewall is between your perimeter network (the
network between your intranet and the Internet) and intranet. By placing an NPS server on your
perimeter network, the firewall between your perimeter network and intranet must allow traffic to flow
between the NPS server and multiple domain controllers. By replacing the NPS server with an NPS proxy,
the firewall must allow only RADIUS traffic to flow between the NPS proxy and one or multiple NPS
servers within your intranet. RADIUS Proxyhttps://msdn.microsoft.com/en-us/library/cc731320.aspx