The Radius authentication server allows you to authorize users on Radius servers, i.e. UserGate will be serving as a Radius client. When authorizing via Radius, the UserGate server sends the username and password to a Radius server which, in turn, notifies whether the authentication has been successful or not.
Radius servers cannot provide a property of users to UserGate, so that if you have not registered them in UserGate beforehand (e.g. as local users or via LDAP connector), then you will be able to use only Known (i.e. authorized on a Radius server) or Unknown (failed to authorize on a Radius server) users in your security policies.
To create a new authentication server based on Radius, click Add, select Add RADIUS server and then specify the following parameters:
|
Name |
Description |
|---|---|
|
Enabled |
Enables or disables usage of the specified authentication server |
|
Server name |
Name of the authentication server |
|
Shared secret |
Shared key used by the Radius protocol for authentication |
|
Host |
IP address of the Radius server |
|
Port |
UDP port on which the Radius server is listening for authentication requests (UDP 1812 by default). |
Once the authentication server is created, you should set up the Captive portal for Radius-based authentication. For more details on the Captive portal, please refer to the next chapters of this Guide.