RADIUS Authentication

To enable RADIUS authentication

1.Select Administration in the main menu of the Control Center.

2.Select Authentication in the control menu.

3.In the opened window, select RADIUS authentication section.

4.Set the Use RADIUS authentication flag.

5.Click Save.

6.Restart the Server to apply changes.

To use the RADIUS authentication protocol, you must install a server that implements this protocol, e.g., freeradius (for more details, see https://freeradius.org/).

In the Control Center you can specify the following parameters for the RADIUS server communication:

Server, Port, Password—parameters for connection to the RADIUS server: IP address/DNS name, port number, password (secret) correspondingly.

Timeout—time for waiting the response from the RADIUS server, in seconds.

Retries number—maximum number of retries to connect the RADIUS server.

Also, you can setup additional RADIUS parameters via the following tools:

The auth-radius.conf configuration file located in the etc folder of the Server.

Besides parameters that are specified via the Control Center, in the configuration file you can specify the NAS identifier value. This identifier according to the RFC 2865, can be used instead of IP address/DNS name as a client's identifier for connection to the RADIUS server. In the configuration file it is stored in the following form:

<!-- NAS identifier, optional, default - hostname -->
<nas-id value="drwcs"/>

The dictionary.drweb dictionary located in the etc folder of the Server.

The dictionary stores the list of RADIUS attributes of Doctor Web company (VSA—Vendor-Specific Attributes).