In this section:
Use the Radius Server window to configure up to three RADIUS servers, per SBC, to which you want to submit requests to authenticate SBC users. When more than one RADIUS server is configured and RADIUS authentication is attempted, the server configured with the lowest numeric priority value is tried first. If fallback is configured, the server with the next lowest numeric priority value is tried next. SBC allows a configurable number of retries and time-outs before retry.
Each SBC user is provided a private home directory for SFTP and files used by the CLI (refer to "Unique Home Directories" section on the page Managing SBC Core Users and Accounts). When using Radius authentication, users are only known to the Radius server and therefore do not have private home directories on the SBC. To create these home directories, you must also create Radius users on the SBC (refer to Local Authentication - CLI).
To View the List of RADIUS Servers
On the SBC main screen, go to Administration > Users and Application Management > Radius Authentication> Radius Server. The Radius Server window is displayed.
Figure 1: Radius Server Window
To Create a RADIUS Server
To create a new RADIUS server configuration:
Click New Radius Server. The Create New Radius Server window is displayed.
- Use the following table to specify configuration for a RADIUS server, then click Save.
Table 1: RADIUS Server Parameters
Parameter | Description |
---|---|
Server Name | The name for the RADIUS server (up to 23 characters). |
Priority | When configuring multiple RADIUS servers, use this attribute to specify the order to attempt RADIUS authentication. The RADIUS server with the lowest numeric priority value is contacted first. |
State | Operational state of the RADIUS server. Options are
|
Radius Server IP | The IPv4 address of the RADIUS server. The default value is 0.0.0.0. |
Radius Server Port | The RADIUS server port to which the SBC sends requests. Range: 1-65535. The default value is 1812. |
Radius Nas IP | The IPv4 address of the SBC to send in the ACCESS_REQUEST message. The default value is 0.0.0.0. |
Radius Shared Secret | The shared secret used to encrypt the data exchanged between the SBC and the RADIUS server. Range: 6-128 characters. |
Mgmt Interface Group | The Management Interface Group to use to connect to the RADIUS server. |
Authentication Method | The type of authentication to use.
|
To Copy a RADIUS Server
To copy the configuration of an existing RADIUS server and modify it to create a new configuration:
- Click the radio button adjacent to its name.
- Click Copy Radius Server. The Copy Radius Server window opens showing the values of the configuration you are copying.
- Make changes to the fields as needed and click Save.
To Delete a RADIUS Server
To delete a RADIUS server configuration:
- Click the radio button adjacent to the name of the RADIUS server configuration you want to delete.
- Click the Delete icon (X) at the right end of the row.
- Confirm the deletion when prompted.