Configure RADIUS Settings for EdgeMarc 300 Series

Use the Radius Settings page to configure the EdgeMarc to communicate with a network-deployed RADIUS server to authenticate serial console, SSH, TELNET, HTTP, and HTTPS management sessions.

About RADIUS Settings

Remote Authentication Dial In User Service (RADIUS) is an authentication, authorization and accounting protocol that is used for management sessions with the EdgeMarc. If RADIUS authentication is configured, the EdgeMarc communicates with a network deployed RADIUS server to authenticate serial console, SSH, TELNET, HTTP, and HTTPS management sessions.

If the EdgeMarc cannot contact the network-based RADIUS server in the specified number of retries, or the configured shared secret does not match the secret on the RADIUS server, the EdgeMarc uses the credentials supplied by the user to perform local authentication.

The RADIUS Settings page contains parameters for RADIUS server authentication for HTTP, HTTPS, SSH, Telnet, and console login. For all protocols except SSH, feedback is given to the operator indicating whether the login is being sent to the RADIUS server or verified locally. Sessions involving the RADIUS server are identified with the string “Radius” in the login prompt. Sessions authenticated locally on the EdgeMarc are identified with the string “System” in the login prompt.

Using the RADIUS Settings Page

Configure a single RADIUS entry for the system.

To use the RADIUS Settings Page

1. Choose Admin > RADIUS Settings.
   
   

2. Configure settings using the information in the following table as a guide.

   RADIUS Settings

   Item	Description
   Enable RADIUS	Select the Enable RADIUS checkbox.
   RADIUS Server Address	Enter the primary RADIUS server IP address.
   Server Retries	Specify the number of times to try to reach the RADIUS server if an attempt fails. Default is two times.
   Retransmit Interval (in seconds)	Sets the delay in seconds between server retries. Default is two seconds.
   Shared Secret	Displays whether a password for RADIUS authentication requests has been set.
   Edit Secret	Select the Edit Secret checkbox to allow you to set the shared secret password.
   Shared Secret	Enter a password for RADIUS authentication requests. The client and the server must have the same password.
   Shared Secret (confirm)	Re-enter the shared secret to confirm.
   RADIUS Port	Enter the port for local clients to use for communication with the RADIUS servers. Default is 1812.
   RADIUS Authorization Mode	Select the mode for RADIUS authorization from the drop-down list: • Basic—Confirms the shared secret with the server. Default. • CHAP—Shares the secret with the server and includes a built-in challenge as part of the CHAP protocol.

3. Click Submit to make your changes take effect.
4. A message indicates that service will be temporarily interrupted. Click OK to confirm.