http://www.fatofthelan.com/technical/using-windows-2008-for-radius-authentication/

Server Manager -> Roles -> 
  Add Roles -> Network Polices and Access Services -> Network Policy Server
  Network Polices and Access Services -> NPS(local) -> 
    Register server in Active Directory
    Radius Clients and Servers -> new
    Polices -> Network Polices -> new
      Plicy Name: my policy
      Conditions: Windows Group -> Dimain Users
      Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP)

http://technet.microsoft.com/en-us/library/cc731611(v=ws.10).aspx

Server Manager -> Roles ->
  Network Polices and Access Services -> NPS(local) -> 
    Polices -> Network Polices -> my policy -> Propeties -> Settings

• Add/Remove Programm → Windows Components → Networking services/Internet Authenticatin Service (IAS)
• Add peer to IAS (intgate)
• Remote Access Polices → Connection to other access server → Properties → Edit Profile → Authentication
• Check Unencrypted authentication (PAP, SPAP)
• Permit DialIn for user user

gate# radtest user1 'Pa$$w0rd1' server 1 'testing123'

[gate:~] # cat /etc/radius.conf

auth server testing123 3

[gate:~] # cat /etc/pam.d/system

...
auth    sufficient      pam_radius.so   no_warn try_first_pass
auth    required        pam_unix.so     no_warn try_first_pass 
...

root@gate:~# apt-get install libpam-radius-auth

root@gate:~# cat /etc/pam_radius_auth.conf

server testing123 3

root@gate:~# cat /etc/pam.d/login

...
auth       sufficient   pam_radius_auth.so
# Standard Un*x authentication.
...