Network Policy Servers – Configure NPS Forwarding Endpoints
Overview
Section titled “Overview”The Network Policy Servers (NPS) page manages external NPS endpoints that MideyeServer can forward RADIUS requests to. NPS servers are referenced by LDAP profiles to enable delegated authentication — when an LDAP profile is configured with an NPS server, matching RADIUS requests are forwarded to that NPS for policy evaluation.
Each NPS server entry defines the hostname, port, and shared secret required for RADIUS communication.
Access & Permissions
Section titled “Access & Permissions”Required Role: ROOT, SUPER_ADMIN, or ADMIN (to create, edit, or delete NPS servers)
Navigation: Home → RADIUS Settings → Network Policy Servers
| Role | View | Create / Edit / Delete |
|---|---|---|
| ROOT | ✅ | ✅ |
| SUPER_ADMIN | ✅ | ✅ |
| ADMIN | ✅ | ✅ |
| OPERATOR | ✅ | ❌ |
Features & Configuration
Section titled “Features & Configuration”Data Grid Columns
Section titled “Data Grid Columns”| Column | Description | Sortable |
|---|---|---|
| Server Name | Unique name identifying the NPS server | Yes |
| Host Name | Hostname or IP address of the NPS server | Yes |
| Port | UDP port for RADIUS communication | Yes |
| Action | Edit and Delete buttons (admin only) | — |
Create / Edit Form
Section titled “Create / Edit Form”A single-page form (no tabs) with all configuration fields.
| Field | Type | Required | Validation | Default | Description |
|---|---|---|---|---|---|
| Server Name | Text | Yes | Max 255 characters, unique (async check) | — | Unique name for this NPS server |
| Host Name | Text | Yes | Must be valid hostname or IPv4 address (async check) | — | Network address of the NPS server |
| Port | Number | Yes | Min: 1, Max: 65535 | 1812 | UDP port for RADIUS communication |
| Secret | Password | Yes | Max 255 characters | — | Shared secret for authenticating with the NPS server |
Common Use Cases
Section titled “Common Use Cases”Integrating with Microsoft NPS
Section titled “Integrating with Microsoft NPS”- Click Add New.
- Enter a descriptive server name (e.g., “Corp-NPS-01”).
- Enter the NPS server’s hostname or IP address.
- Set the port (default 1812 for RADIUS authentication).
- Enter the shared secret configured on the NPS server.
- Click Save.
- Associate this NPS server with an LDAP Profile.
Setting Up Redundant NPS Servers
Section titled “Setting Up Redundant NPS Servers”- Create multiple NPS server entries, each pointing to a different NPS instance.
- Associate them with different LDAP profiles or use them as failover targets.
Troubleshooting
Section titled “Troubleshooting”| Issue | Possible Cause | Resolution |
|---|---|---|
| Cannot save — name already exists | Duplicate server name | Choose a unique server name |
| Hostname validation fails | Invalid hostname or IP format | Enter a valid hostname or IPv4 address |
| NPS not responding | Wrong hostname, port, or secret | Verify network connectivity, port, and shared secret match the NPS configuration |
| Cannot delete NPS server | Referenced by an LDAP profile | Remove the NPS association from the LDAP profile first |
Related Pages
Section titled “Related Pages”- LDAP Profiles — Associate NPS servers with LDAP directory profiles
- RADIUS Servers — Configure MideyeServer’s own RADIUS authentication servers
- RADIUS Clients — Configure clients that send requests to MideyeServer