RADIUS Configuration

From Swivel Knowledgebase
Jump to: navigation, search


RADIUS Configuration

Overview

Swivel is a RADIUS server and can accept requests from Network Access Servers (RADIUS Clients) that ask authentication information. For non RADIUS devices, Swivel supports an XML authentication see XML Authentication Configuration.

This RADIUS configuration guide outlines how to configure Swivel as a RADIUS server for NAS clients. For further information on the Swivel RADIUS server and options available see RADIUS How To Guide


Configuring the RADIUS server

Configure the RADIUS settings using the RADIUS configuration page in the Swivel Administration console. Leave the RADIUS Server IP address empty, this means that the server will answer all RADIUS requests received by the server regardless of the IP address that they were sent to, and is useful where multiple network interfaces are used.

If authentication must only occur on a single IP address of the Swivel instance then enter an IP address from the Swivel server. If an IP is specified then only RADIUS requests sent to that IP address will be responded to. If on AuthControl Sentry 4.1.0.6062 or later, you can now use the Swivel VIP address, for HA environments.


Swivel 3.9.7 RADIUS Server.JPG

Configuring the RADIUS NAS

On the Swivel Administration console under RADIUS/NAS, enter a name for the Access device from which RADIUS requests are made from. The IP address should be set to the IP of the Access device, and a secret (a password such as ‘secret’) assigned, that will be used on both the Swivel server and Access Device RADIUS configuration.


Swivel 3.9.7 RADIUS NAS.jpg


Note for access using mobile phone devices (Swivlet, Mobile Phone apps such as .NET mobile, iPhone App the access device must be configured to use PAP for authentication.