Creating a RADIUS Server for Administrator Authentication

You can add RADIUS servers that you want to use for authorizing and authenticating administrators.

  1. Go to Administration > Admins and Roles.
  2. Select the AAA tab.
  3. Click Create.
    The Create Administrator RADIUS Server page appears.
    Figure 128  Creating an Administrator RADIUS Server

  4. Configure the following:
    1. Name: Type a name for the RADIUS server.
    2. Type: Select the type of RADIUS server that you are using. Options include:
      • RADIUS: Click this option to use a Remote Authentication Dial-In User Service (RADIUS) server on the network for authenticating controller administrators.
      • TACACS+: Click this option to use a Terminal Access Controller Access-Control System Plus (TACACS+) server on the network for authentication controller administrators.
    3. Realm: Type the realm (or realms) to which the RADIUS server belongs. If the RADIUS server belongs to multiple realms, use a comma (,) to separate the realm names.
    4. Backup RADIUS: Select the Enable Secondary Server to back up the RADIUS server configuration.
      1. Primary Server: Type the IP address, port, shared secret for the primary server that needs to be backed up.
      2. Secondary Server: Type the IP address, port, shared secret for the secondary server to which the back must be done.
      3. Failover Policy at NAS:'
        • Request Timeout: Type the timeout period (in seconds) after which an expected RADIUS response message is considered to have failed.
        • Max Number of Retries: Type the number of failed connection attempts after which the controller will fail over to the backup RADIUS server.
        • Reconnect Primary: Type the number of minutes after which the controller will attempt to reconnect to the primary RADIUS server after failover to the backup server.
    5. IP Address: Type the IP address of the RADIUS server.
    6. Port: Type the UDP port that the RADIUS server is using. The default port is 1812.
    7. Shared Secret: Type the shared secret.
    8. Confirm Secret: Retype the same secret in.
    9. Click OK.
You have completed adding a RADIUS server for authenticating administrators.
NOTE
You can also edit, clone and delete the server by selecting the options Configure, Clone and Delete respectively, from the Administrator tab.
Parent topic: Managing Administrator and Roles