This object provides an option for configuring users on a remote RADIUS server and authenticating login attempts with that RADIUS server. The authenticating user should be part of the Administrator group.
For configuration details, refer to Configuring SBC for RADIUS Authentication.
Each SBC user is provided a private home directory for SFTP and files used by the CLI (refer to "Unique Home Directories" section on the page Managing SBC Core Users and Accounts). When using Radius authentication, users are only known to the Radius server and therefore do not have private home directories on the SBC. To create these home directories, you must also create Radius users on the SBC (refer to Local Authentication - CLI).
The CLI syntax to configure RADIUS-based authentication is provided below.
Use this object to configure each RADIUS server for the specified Management Interface Group.
|1-23 characters||RADIUS server name.||M|
The type of authentication to use.
|N/A||Name of the Management Interface Group to connect to this RADIUS server.||O|
|1-8||When configuring multiple RADIUS servers, use this attribute to specify the order to attempt RADIUS authentication. The RADIUS server with the lowest priority is contacted first.||M|
|IPv4 format||IPv4 address of the SBC to send in ACCESS_REQUEST. (default = 0.0.0.0)|
|IPv4 format||IPv4 address of the RADIUS server.|
|1-65535||The RADIUS server port to which the SBC sends the request.|
The shared secret used to encrypt the data exchanged between SBC and RADIUS server.
Operational state of the RADIUS server
Use this parameter to configure the authentication retry criteria before the SBC times out as well as the RADIUS server out-of-service setting.
Time in minutes the RADIUS server remains out of service after a timeout. Number of retries the SBC uses to attempt authentication. (Default = 3) Time in milliseconds before the SBC attempts another authentication request. (Default = 1000)
Parameter Length/Range Description
Time in minutes the RADIUS server remains out of service after a timeout.
Number of retries the SBC uses to attempt authentication. (Default = 3)
Time in milliseconds before the SBC attempts another authentication request. (Default = 1000)
The following example configures SBC to communicate with the external RADIUS server for user authentication:
The following example enables external RADIUS authentication: