4.3.4 RADIUS Authentication
RADIUS authentication provides a means to use an external RADIUS server for authentication
purposes when logging in to SecureSync. RADIUS allows the login password for user-created
accounts to be stored and maintained in a central RADIUS server on the network.
This function greatly simplifies password management: Instead of having to change a password
in many network appliances, it is changed on the RADIUS server only.
In order to use RADIUS authentication with SecureSync, RADIUS and the RADIUS network server
first need to be configured. Currently, http/https/ssh/telnet/ftp protocols are supported, i.e.
you can login to a SecureSync unit using RADIUS authentication via applications using any of
these protocols.
Caution: In order to utilize RADIUS authentication, the account username on the
RADIUS server must NOT be used with a local user account.
E x a m p l e :
A user with the username user3 on the RADIUS server will not be able to login to a SecureSync unit, if
on that unit a local user account with the username user3 exists. However, once the user deleted the
local user3 account, she will be able to login with the RADIUS user3 account.
See also "TACACS+ Authentication" on page265
4.3.4.1 Enabling/Disabling RADIUS
To enable or disable the use of RADIUS authentication on a SecureSync unit:
1.
In the Web UI, navigate to MANAGEMENT > OTHER: Authentication.
2.
In the Actions panel on the left, click RADIUS. The RADIUS Setup window will be dis-
played:
262
CHAPTER 4 • SecureSync User Reference Guide Rev. 26
4.3 Managing Users and Security