What is RADIUS

RADIUS is a remote authentication service used to secure networks by enabling centralized authentication and authorization of dial-in users. RADIUS uses a server role that is named Network Policy Server. NPS can act as a RADIUS server and support RADIUS authentication will be used.

Do we need RADIUS?

Potentially, this can be used to authenticate the VPN connection between the two sites. One being AWS and the other being cyber.local. This, however, will not be used for federated login, since that will be done through the AD connection. This will only be used in the case to connect the two sites. Most likely we can just use a Service account to authenticate

Set up RADIUS on a Linux Machine

sudo apt-get update
sudo apt-get install freeradius

Once it is installed you then need to configure the radiusd.conf by default located in /etc/freeradius/

listen {
        ipaddr = X.X.X.X
        port = 1812
        type = auth
}

authorize {
        #authorization policies
}

authenticate {
        #authentication methods
}

post-auth {
        #post-authentication methods
}

Set up a Windows Server RADIUS

How to set up NPS

1. Type “Import-Module Servermanager”, and then press Enter.
2. Type “install-windowsfeature -name npas-policy-server -IncludeManagementTools” to install NPS role service.

Source

https://wiki.freeradius.org/guide/Getting%20Started