Wednesday, June 3, 2015

RADIUS Client limit on Windows Server 2008 R2 Standard Edition

You’re using a Windows Server 2008 R2 Standard Edition server as a NPS (Network Policy Server) but noticed that when you attempt to add the 50th RADIUS Client, you receive the following NPS Error message:

The service being accessed is licensed for a particular number of connections. No more connections can be made to the service at this time because there are already as many connections as the service can accept. (Exception HRESULT: 0x80070573)

image

As per the following TechNet article:

NPS Fast Facts for Windows Server 2008 R2
https://technet.microsoft.com/en-us/library/dd365355(v=ws.10).aspx

NPS provides different functionality depending on the edition of Windows Server 2008 R2 that you install:

  • Windows Server® 2008 R2 Enterprise and Windows Server® 2008 R2 Datacenter. These server editions include NPS. With NPS in Windows Server 2008 R2 Enterprise and Windows Server 2008 R2 Datacenter, you can configure an unlimited number of RADIUS clients and remote RADIUS server groups. In addition, you can configure a group of RADIUS clients by specifying an IP address range.
  • Windows Server® 2008 R2 Standard. This server edition includes NPS. With NPS in Windows Server 2008 R2 Standard, you can configure a maximum of 50 RADIUS clients and a maximum of two remote RADIUS server groups. You can define a RADIUS client by using a fully qualified domain name or an IP address, but you cannot define groups of RADIUS clients by specifying an IP address range. If the fully qualified domain name of a RADIUS client resolves to multiple IP addresses, the NPS server uses the first IP address returned in the Domain Name System (DNS) query.
  • Windows® Web Server 2008 R2. This server edition does not include NPS.

The Standard edition of Windows Server 2008 R2 actually has a 50 RADIUS client limit and the only way around this limit is to upgrade to either Enterprise or Datacenter which removes this limit providing unlimited clients.

Another way to get around this is to upgrade the operating system to Windows Server 2012 R2 Standard which does not have the 50 client limit.

No comments: