![]() |
• The RADIUS server’s administrator must define the desired groups and assign users to the groups.
• The OnBoard appliance’s administrator must configure the RADIUS server on the OnBoard appliance.The following list defines the values to define when configuring a RADIUS authentication server on the OnBoard appliance as shown below.secret: The shared password required for communication between the OnBoard appliance and the RADIUS server.time-out: The default is 3 seconds. How long the OnBoard appliance should wait for the RADIUS server’s response.
3. Use the format Framed-Filter-Id=:group_name=<Group1>[,<Group2>,..., <GroupN>];, as shown in the following example.
NOTE: If the Frame-Filter-Id already exists, append the group_name declaration to the string starting with a colon (:). Make sure a final semi-colon (;) is at the end of the declaration, as shown in the example.
2. Open the /etc/raddb/server file for editing or create the file.
3. Make an entry for the RADIUS server (auth1), an accounting server (acct1) and if desired, make an entry for a second RADIUS authentication server (auth2) and for a second accounting server (acct2), by performing the following steps for each server.# first server to return success or failure causes the module to return # success or failure. Only if a server fails to response is it skipped, # and the next server in turn is used.The following screen example shows entries that define the RADIUS authentication server and the accounting server to be the same server with the same IP address, sets the secret to cyclades, the time-out to 5 seconds and the number of retries to 5.
NOTE: Multiple RADIUS servers can be configured in this file. The servers are tried in the order in which they appear. If a server fails to respond, the next configured server is tried.