Verify Configuration After an NPS Server IP Address Change

  • Article

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

There might be circumstances where you need to change the IP address of an NPS server or proxy, such as when you move the server to a different IP subnet.

If you change an NPS server or proxy IP address, it is necessary to reconfigure portions of your NPS deployment.

Use the following general guidelines to assist you in verifying that an IP address change does not interrupt network access authentication, authorization, or accounting on your network.

Administrative credentials

To complete this procedure, you must be a member of the Administrators group.

To verify configuration after an NPS server IP address change

  1. Reconfigure all RADIUS clients, such as wireless access points and VPN servers, with the new IP address of the NPS server.

  2. If the NPS server is a member of a remote RADIUS server group, reconfigure the NPS proxy with the new IP address of the NPS server.

  3. If you have configured the NPS server to use SQL Server logging, verify that connectivity between the computer running SQL Server and the NPS server is still functioning properly.

  4. If you have deployed IPsec to secure RADIUS traffic between your NPS server and an NPS proxy or other servers or devices, reconfigure the IPsec policy or the connection security rule in Windows Firewall with Advanced Security to use the new IP address of the NPS server.

  5. If the NPS server is multihomed and you have configured the server to bind to a specific network adapter, reconfigure NPS port settings with the new IP address.

To verify configuration after an NPS proxy IP address change

  1. Reconfigure all RADIUS clients, such as wireless access points and VPN servers, with the new IP address of the NPS proxy.

  2. If the NPS proxy is multihomed and you have configured the proxy to bind to a specific network adapter, reconfigure NPS port settings with the new IP address.

  3. Reconfigure all members of all remote RADIUS server groups with the proxy server IP address. To accomplish this task, at each NPS server that has the NPS proxy configured as a RADIUS client:

    1. Double-click NPS (Local), double-click RADIUS Clients and Servers, click RADIUS Clients, and then in the details pane, double-click the RADIUS client that you want to change.

    2. In RADIUS client Properties, in Address (IP or DNS), type the new IP address of the NPS proxy.

  4. If you have configured the NPS proxy to use SQL Server logging, verify that connectivity between the computer running SQL Server and the NPS proxy is still functioning properly.