Difference between revisions of "How To Configure OneTouch On RADIUS"

From Swivel Knowledgebase
Jump to: navigation, search
(fix internal links)
Line 1: Line 1:
 
*On the [[Swivel_Core_V4_RADIUS_Menu#NAS|NAS entry]] you will need to set the attribute One Touch to yes. Then the authentication method used will be One Touch instead of PAP.
 
*On the [[Swivel_Core_V4_RADIUS_Menu#NAS|NAS entry]] you will need to set the attribute One Touch to yes. Then the authentication method used will be One Touch instead of PAP.
 +
*On the [[Swivel_Core_V4_RADIUS_Menu#NAS|NAS entry]] you will need to set the "Check password with repository" to YES.
 
*On Dual Channel Section update the value “In Bound SMS Timeout (ms)” to indicate the amount of time that the RADIUS request will wait for the user response.  For example, if that time is set to 30000, the RADIUS call will wait for 30 seconds.
 
*On Dual Channel Section update the value “In Bound SMS Timeout (ms)” to indicate the amount of time that the RADIUS request will wait for the user response.  For example, if that time is set to 30000, the RADIUS call will wait for 30 seconds.
 
*Reply timeout attribute specified on the VPN RADIUS needs to be set to a value higher than the one specified on Server > Dual Channel > Call/Notification gap (s). That is because if RADIUS tries to authenticate again it will try to send a notification to the user before the time allowed between notification passed and the authentication will be rejected. The best configuration would be to set the reply timeout to be higher than the Dual Channel > In Bound SMS Timeout (ms) to allow to the user to reply before to try to send a new notification.
 
*Reply timeout attribute specified on the VPN RADIUS needs to be set to a value higher than the one specified on Server > Dual Channel > Call/Notification gap (s). That is because if RADIUS tries to authenticate again it will try to send a notification to the user before the time allowed between notification passed and the authentication will be rejected. The best configuration would be to set the reply timeout to be higher than the Dual Channel > In Bound SMS Timeout (ms) to allow to the user to reply before to try to send a new notification.

Revision as of 09:03, 26 April 2018

  • On the NAS entry you will need to set the attribute One Touch to yes. Then the authentication method used will be One Touch instead of PAP.
  • On the NAS entry you will need to set the "Check password with repository" to YES.
  • On Dual Channel Section update the value “In Bound SMS Timeout (ms)” to indicate the amount of time that the RADIUS request will wait for the user response. For example, if that time is set to 30000, the RADIUS call will wait for 30 seconds.
  • Reply timeout attribute specified on the VPN RADIUS needs to be set to a value higher than the one specified on Server > Dual Channel > Call/Notification gap (s). That is because if RADIUS tries to authenticate again it will try to send a notification to the user before the time allowed between notification passed and the authentication will be rejected. The best configuration would be to set the reply timeout to be higher than the Dual Channel > In Bound SMS Timeout (ms) to allow to the user to reply before to try to send a new notification.
  • Also Reply timeout attribute specified on the VPN RADIUS needs to be higher than the timeout specified in the NAS. Otherwise the timeout on the VPN will occur first, invalidating any RADIUS response given by the Swivel server. After configuring those attribute the process will be the following:
        * User enters username and password 
        * VPN makes RADIUS request
        * Core sends out PUSH and waits for response
        * When response is received user is authenticated
        * If user does not respond it times out


Please click here to see how to configure Push for mobile.