RADIUS
RADIUS is an acronym, short for Remote Access Dial-In User. An instance of the RADIUS service installation to which different devices may connect to for network authentication or access.
RADIUS Client: RADIUS clients are network access servers—such as wireless access points, 802.1X-capable switches, virtual private network (VPN) servers, and dial-up servers. This entry area shows the name and device IP.
Prerequisites
- Visual C++ - This update can be downloaded here.
Microsoft .NET v4.6 This update can be downloaded here.
Before you start
- Ensure that you have administrative access to your Passly on Demand tenant.
- You have access to a computer that will host the RADIUS Client
- You have access to your desired VPN capable device and are familiar with the configuration.
Section 1: Add a RADIUS Agent
Below are the steps to follow to add a RADIUS Agent that includes one RADIUS Client.
Steps
- Log into your instance of Passly.
- Select the Auth Manager area on the left side to reveal the Agents area.
- Select the Plus sign at the bottom right corner to select and add a new Agent.
- Select “RADIUS Server” from the list
- Ensure the agent is "Enabled".
- Enter a name for the Agent that will identify its’ uniqueness from the other agents.
Note: We recommend naming the agent based on the Windows server it is installed on. - Select how often the Sync agent will check in (Sync Frequency)
- Select the Authentication Policy.
Note: We recommend setting up a policy that is unique to RADIUS for best results. - Copy down the following:
- ID: The unique ID of the agent. (formerly Client ID)
- Key: The auto-generated secret value of the agent. (formerly Client Secret)
- Home Realm: The home realm your agent will connect to.
- As you will be prompted for this information when you are installing the RADIUS Agent service.
Note: The above information is to be used ONLY at the time of installing the service - Select the desired Authentication Policy to be in place for the Agent
- Select the RADIUS Configuration tab
- Select the port you wish to use for communication (default port is 1812)
- Select the “Add RADIUS Client” button
- In the “Add RADIUS Client” screen, perform the following:
- Add a Friendly name for the client.
- Add the Client IP Address.
- Add a Client Shared Secret.
- Confirm Shared Secret (Formerly Confirm Password) for the Client.
Note: This is the shared secret that will be placed on the forwarding device/router to authenticate the communication. - Select the Authentication Policy.
- Select the “Add RADIUS Client”
Note: if you would like to add more than one client, select the “add another” check box prior to selecting the Add RADIUS client button.
- Press “Add Agent” to close the “Add New Agent Screen.”
Download the RADIUS agent installer
Before you start
- Ensure that you have administrative access to your Passly tenant.
- You should be performing the following on the Machine that will host the RADIUS Service.
- .NET 4.6.0 or Higher must be installed on the host machine or the RADIUS installation package will not install.
- Log into your Passly tenant.
- Select the “Auth Manager” area on the left side of the screen.
- Locate the preferred RADIUS agent in the list.
- Download the RADIUS installer by one of the following options:
- Select the three dots to the right and then select “Download” from the dropdown.
- Select the agent name and then select the “Download Installer” button.
- Once downloaded, run through the installation wizard on the machine that will host the RADIUS service.
- Enter in the “ID”, “Key” and “Home Realm” that were copied during the RADIUS client creation.
- Finish the installation.