Before You Begin

If you wish to configure the SBC Edge (SBC) for either RADIUS Authentication or Accounting, you must first add one or more RADIUS Server(s) for the SBC to use.

Configuring RADIUS Services on the SBC

  1. In the WebUI, click the Settings tab.
  2. In the left navigation pane, go to Auth and Directory Services > RADIUS > Configuration.

    RADIUS Configuration

     

     

Did you know?

It is possible to configure a single RADIUS server to be used for both RADIUS-based authentication and CDR accounting at the same time. To do this, simply create two RADIUS server entries  pointing to the same RADIUS server IP address/FQDN — enter port 1812 to be used as the authentication server entry, and port 1813 for the accounting server entry.

RADIUS Options - Field Definitions

Authentication

You can configure the SBC to authenticate users via RADIUS Authentication Server(s). If enabled, you must specify the RADIUS user permissions on the SBC by configuring the necessary RADIUS User Class Access Level Mapping.

Accounting

You can configure the SBC for RADIUS accounting using the SBC Call Detail Records (CDR) feature. The SBC does not require a CDR license for logging call details.

Accounting Mode Options

If you wish to record call details to RADIUS Accounting Server(s), you must choose an Accounting Mode (i.e., the way you want the SBC to send those call record details):

  • Active-Standby Mode
    In the Active-StandBy mode, all accounting related requests are sent to the first accounting server (A-Server One) when it is UP. That is when it is pingable and active. In the event Server One becomes unreachable, accounting requests are then sent to the second accounting server (A-Server Two).
    If A-Server One and A-Server Two become unreachable CDR information is backed up and queued for retry on the Sonus SBC 2000 hard drive. On the Sonus SBC 1000, if an eUSB device is present, the Call Detail Records (CDRs) will be queued on the eUSB device up to a limit of 1,500 records.
  • Active-Active Mode
    In the Active-Active mode, all accounting requests are sent to both A-Servers. If one of the servers becomes unreachable, a retry procedure is executed. If the retry procedure fails, an alarm is raised every five minutes until the server becomes reachable again.
    If any or both servers become unreachable, the records are queued as described for the Active-StandBy Mode.
  • Round Robin Mode
    In the Round Robin Mode, accounting requests are alternated between A-Server One and A-Server Two. The first, third, fifth, etc., (odd numbered) requests are sent to A-Server One and the second, fourth, sixth, etc. (even numbered) are sent to A-Server Two. All the call-legs belonging to the same call will go to the same server. These legs will be linked with a unique Acct-Multi-Session-Id per call. When only one server is reachable, all the accounting packets will go to same server. If both servers become unreachable, the records are queued as described for the Active-StandBy Mode.

RADIUS Authentication Servers - Field Definitions

Primary Server/Secondary Servers

Specifies the RADIUS server to use as either Primary or Secondary for RADIUS Authentication. Servers selected for authentication must be configured for authentication and assigned to the correct UDP (Default 1812) Port for RADIUS authentication

RADIUS Accounting Servers - Field Definitions

Accounting Server 1/Accounting Server 2

Specifies the RADIUS server to use as either Primary or Secondary for RADIUS Authentication. Servers selected for accounting must be configured for accounting and assigned to the correct UDP Port (Normally, Port 1813) for RADIUS accounting. Although you must specify at least one RADIUS Accounting server, Sonus recommends you use two.