Field/Item Description
RADIUS server IP
address or DNS name
To connect with the RADIUS server, specify an IPv4 or IPv6 address,
or a host name (host name is not recommended). An IP address is
preferred, both because it eliminates the dependency on the network
DNS sever(s), and to improve login performance.
The SMU Network Configuration page (navigate to Home > SMU
Administration > SMU Network Configuration) shows the active
IP addresses. It is recommended that IPv4 on eth0 and the current
IPv6 addresses be added to the "allowed client" list on each RADIUS
server. For more information on setting up the SMU Network
Configuration for IPv6, see the Network Administration Guide.
Shared Secret Specify the shared secret.
Some RADIUS Servers limit the length of the shared secret and
require that it be comprised only of characters that can be typed on a
keyboard which uses only 94 out of 256 possible ASCII characters.
If the shared secret must be a sequence of keyboard characters,
choose shared secrets that are at least 22 characters long and
consisting of a random sequence of upper and lower case letters,
numbers, and punctuation.
• To ensure a random shared secret, use a computer program to
generate a random sequence at least 22 characters long. Windows
2008 Server allows you to generate a shared secret when adding
the RADIUS client.
• The SMU will support a shared secret from 1 up to 128 characters.
• Use a different shared secret for each RADIUS server-RADIUS
client pair.
Port Specify the RADIUS server authentication port. The default RADIUS
server authentication port is 1812, but you should check with the
RADIUS server administrator to make sure that 1812 is the correct
port.
Protocol The protocol for the RADIUS server.
Timeout Specify the timeout, which is the number of seconds the SMU waits
before retrying (retying is re-transmitting the authentication request
to the same RADIUS server). The default is 3 seconds. If the timeout
is reached and there is no response from the first RADIUS server in
the list, the SMU attempts another retry.
Retry Count Specify the retry count. The default is 3. When the retry limit is
reached, the SMU sends the request to the next RADIUS server in the
list. When the retry limit for the second server is reached, the SMU
attempts to reach the next server in the list, until there are no more
servers to try. If there are no more servers to try, the user cannot be
authenticated, and the login fails.
OK When you are done making changes, click OK to test connectivity and
save the configuration for this RADIUS server and return to the
RADIUS Servers page.
cancel Exits without saving the configuration.
240 Setting up security
System Administrator Guide for VSP Gx00 models and VSP Fx00 models
To Next Page
Loading...
Need help?
General