Difference between revisions of "How To Configure OneTouch On RADIUS"

From Swivel Knowledgebase
Jump to: navigation, search
 
Line 1: Line 1:
*On the [[Swivel_Core_V4_RADIUS_Menu#NAS|NAS entry]] you will need to set the attribute One Touch to yes. Then the authentication method used will be One Touch instead of PAP.
+
*On the [[Swivel_Core_V4_RADIUS_Menu#NAS|NAS entry]] you will need to set Push Authentication to yes.
*On the [[Swivel_Core_V4_RADIUS_Menu#NAS|NAS entry]] you will need to set the "Check password with repository" to YES.
+
*On the [[Swivel_Core_V4_RADIUS_Menu#NAS|NAS entry]] you will probably need to set the "Check password with repository" to YES. This is not a requirement, but typically you will need to provide a password, as many devices will not permit blank passwords for RADIUS authentication.
 
*On Dual Channel Section update the value “In Bound SMS Timeout (ms)” to indicate the amount of time that the RADIUS request will wait for the user response.  For example, if that time is set to 30000, the RADIUS call will wait for 30 seconds.
 
*On Dual Channel Section update the value “In Bound SMS Timeout (ms)” to indicate the amount of time that the RADIUS request will wait for the user response.  For example, if that time is set to 30000, the RADIUS call will wait for 30 seconds.
 
*Reply timeout attribute specified on the VPN RADIUS needs to be set to a value higher than the one specified on Server > Dual Channel > Call/Notification gap (s). That is because if RADIUS tries to authenticate again it will try to send a notification to the user before the time allowed between notification passed and the authentication will be rejected. The best configuration would be to set the reply timeout to be higher than the Dual Channel > In Bound SMS Timeout (ms) to allow to the user to reply before to try to send a new notification.
 
*Reply timeout attribute specified on the VPN RADIUS needs to be set to a value higher than the one specified on Server > Dual Channel > Call/Notification gap (s). That is because if RADIUS tries to authenticate again it will try to send a notification to the user before the time allowed between notification passed and the authentication will be rejected. The best configuration would be to set the reply timeout to be higher than the Dual Channel > In Bound SMS Timeout (ms) to allow to the user to reply before to try to send a new notification.

Latest revision as of 10:06, 29 November 2021

  • On the NAS entry you will need to set Push Authentication to yes.
  • On the NAS entry you will probably need to set the "Check password with repository" to YES. This is not a requirement, but typically you will need to provide a password, as many devices will not permit blank passwords for RADIUS authentication.
  • On Dual Channel Section update the value “In Bound SMS Timeout (ms)” to indicate the amount of time that the RADIUS request will wait for the user response. For example, if that time is set to 30000, the RADIUS call will wait for 30 seconds.
  • Reply timeout attribute specified on the VPN RADIUS needs to be set to a value higher than the one specified on Server > Dual Channel > Call/Notification gap (s). That is because if RADIUS tries to authenticate again it will try to send a notification to the user before the time allowed between notification passed and the authentication will be rejected. The best configuration would be to set the reply timeout to be higher than the Dual Channel > In Bound SMS Timeout (ms) to allow to the user to reply before to try to send a new notification.
  • Also Reply timeout attribute specified on the VPN RADIUS needs to be higher than the timeout specified in the NAS. Otherwise the timeout on the VPN will occur first, invalidating any RADIUS response given by the Swivel server. After configuring those attribute the process will be the following:
        * User enters username and password 
        * VPN makes RADIUS request
        * Core sends out PUSH and waits for response
        * When response is received user is authenticated
        * If user does not respond it times out


Please click here to see how to configure Push for mobile.