6.3.2. RADIUS User Authentication Server

The RADIUS option enables user authentication on RADIUS servers, with UserGate working as a RADIUS client. When authorization is done using a RADIUS server, UserGate sends the username and password information to the RADIUS server, which then responds as to whether or not the authentication was successful.

A RADIUS server cannot provide a list of users to UserGate, therefore, if the users were not added to UserGate in advance (e.g., as local users or users fetched from an AD domain using an LDAP connector), only users of types Known (those who successfully authenticated with the RADIUS server) and Unknown (those who were not authorized) can be used in filtering policies.

To add a RADIUS authentication server, click Add, select Add RADIUS server, and provide the following settings:




Enables or disables the use of this authentication server.

Server Name

The name of the authentication server.

Shared secret

Pre-shared key used by the RADIUS protocol for authentication.


The IP address for the RADIUS server.


The UDP port on which the RADIUS server listens for authentication requests. By default, UDP port 1812 is used.

After adding the authentication server, you need to configure the captive portal for using the RADIUS method. The captive portal is described in more detail in the following chapters.