Home > User Interface > Configuration > System Configuration > RADIUS Configuration
|
Menu path: Configuration > System Configuration > RADIUS Configuration.
The RADIUS configuration page lists available EAP authentications and how RADIUS filters are used, in additional to other RADIUS parameters.
The fields in this form are:
| Field | Usage | Example |
|---|---|---|
| EAP Authentication Types | Defines the supported EAP authentication methods. The options are: GTC, MD5, MSCHAPv2, PEAP, TLS, FAST, and TTLS. Some are initially configured into the form. Delete an item by clicking on its "x". Add new items from the list by clicking in a blank area of the list. | MD5 MSCHAPv2 TLS TTLS |
| EAP FAST KEY | If FAST is one of the EAP Authentication Types, then this field is the EAP-FAST Opaque Key - 32 random digits. This and the next field are part of the PAC (Protected Access Credentials). | |
| EAP FAST Authority Identity | If FAST is one of the EAP Authentication Types, then this field is the EAP-FAST server authority ID. | 1234 |
| Record Accounting Data in Database | If enabled, accounting data is recorded in the A3 database. |
|
| Use RADIUS Filters for Authentication | If enabled, the RADIUS filters defined in the Filters section of a Connection Profiles are used in the execution of the RADIUS authorize configuration section. |
|
| Use RADIUS Filters for Pre-Proxy | If enabled, the RADIUS filters defined in the Filters section of a Connection Profiles are used in the execution of the RADIUS pre-proxy configuration section. |
|
| Use RADIUS Filters for Post-Proxy | If enabled, the RADIUS filters defined in the Filters section of a Connection Profiles are used in the execution of the RADIUS post-proxy configuration section. |
|
| Use RADIUS Filters for Pre-Accounting | If enabled, the RADIUS filters defined in the Filters section of a Connection Profiles are used in the execution of the RADIUS pre-accounting configuration section. |
|
| Use RADIUS Filters for Accounting | If enabled, the RADIUS filters defined in the Filters section of a Connection Profiles are used in the execution of the RADIUS accounting configuration section. |
|
| Use RADIUS Filters for Tunnel Authorization | If enabled, the RADIUS filters defined in the Filters section of a Connection Profiles are used in the execution of the RADIUS tunnel authorization configuration section. |
|
| NTLM Redis Cache | If enabled, a Redis-driven cache is used for NTLM authentication. This requires that NT hash synchronization be set up between A3 and the Active Domain controller. |
|
| RADIUS Attributes | The list of RADIUS attributes that can be used in the Authentication Sources configuration. The built-in attributes are username, NAS-identifier, Called-Station-Id, and Calling-Station-Id. Others can be entered in the form below the built-in list. | |
| RADIUS Machine Authentication with User Name | If enabled, the RADIUS user name will be used in lieu of the TLS certificate common name when performing machine authentication. |
|
| User Name Attributes | A list of RADIUS attributes that will be searched in order to determine the user name. |
Note
When advised to restart any A3 service, the administrative interface for each cluster member must be used individually to perform the operation. Perform the operation on each member one at a time, waiting for the service(s) to completely restart.Copyright © 2021 Extreme Networks. All rights reserved. Published April 2021.