How To Configure OneTouch On RADIUS
From Swivel Knowledgebase
- On the NAS entry you will need to set Push Authentication to yes.
- On the NAS entry you will probably need to set the "Check password with repository" to YES. This is not a requirement, but typically you will need to provide a password, as many devices will not permit blank passwords for RADIUS authentication.
- On Dual Channel Section update the value “In Bound SMS Timeout (ms)” to indicate the amount of time that the RADIUS request will wait for the user response. For example, if that time is set to 30000, the RADIUS call will wait for 30 seconds.
- Reply timeout attribute specified on the VPN RADIUS needs to be set to a value higher than the one specified on Server > Dual Channel > Call/Notification gap (s). That is because if RADIUS tries to authenticate again it will try to send a notification to the user before the time allowed between notification passed and the authentication will be rejected. The best configuration would be to set the reply timeout to be higher than the Dual Channel > In Bound SMS Timeout (ms) to allow to the user to reply before to try to send a new notification.
- Also Reply timeout attribute specified on the VPN RADIUS needs to be higher than the timeout specified in the NAS. Otherwise the timeout on the VPN will occur first, invalidating any RADIUS response given by the Swivel server. After configuring those attribute the process will be the following:
* User enters username and password * VPN makes RADIUS request * Core sends out PUSH and waits for response * When response is received user is authenticated * If user does not respond it times out
Please click here to see how to configure Push for mobile.