RADIUS Deployment Considerations

Before defining the RADIUS server configuration, refer to the following deployment guidelines to ensure the configuration is optimally effective:

• Each RADIUS client should use a different shared secret (password). If a shared secret is compromised, only the one client poses a risk, as opposed all the additional clients that potentially share the secret password.
• Consider using an LDAP server as a database of user credentials that can be used optionally with the RADIUS server to free up resources and manage user credentials from a secure remote location.