Reset Search
 

 

Article

KB23596 - How to configure the PCS device to authenticate native users from an SBR Radius server

« Go Back

Information

 
Last Modified Date8/1/2015 3:29 AM
Synopsis
This article provides information on how to set up the Radius server configuration in the PCS device to authenticate native SBR users.
Problem or Goal
How to set up the Radius server configuration in the PCS device to authenticate native SBR users.
Cause
Solution
To authenticate users, who are using the Radius server via the PCS device, perform the following procedure:
 
  1. Go to Authentication > Auth servers and from the the drop-down box select Radius server.
     

    1. Type the name of the server. For example, RAS-Radius.
  2. NAS-Identifier: <optional>.
 
  • Radius server: Type the IP address of the Radius server. For example, 10.141.232.51.
 
  • Authentication port: 1812.
 
  • Shared Secret: It should be the same as the Radius server.
 
  • Accounting port: 1813.
 
  • NAS-IP-Address: <optional>
 
  • Time out: 25.
 
  • Retries: 5.
 
  • Back up the server (if required).
 
  • Radius Accounting (if required).
 
  • Scroll down and click Save Changes.
 
  • When the PCS device is configured, add the PCS device as a client in the SBR Radius server:

    1. Go to Radius Clients and click the Add button:
       

  • The Add Radius Client window is displayed. Provide the following information:

     
    • Name: SA device (sample name)
  • IP Address: PCS IP address.
 
  • Shared Secret: The same secret which was configured on the PCS device.
 
  • Click Save Changes.
 
  • Now you can add the users, either in Native or Domain. If users are native, then add them via the Native option or if the users need to be mapped via domains, then use domain.
     


    Now you can map the configured Radius Auth server to the required realms and authenticate users.


You can also configure Two Factor Authentication in the device with Active Directory as the primary authentication and Radius as the secondary authentication.
 
  1. Configure the Radius Server (for example, RAS-Radius) as the secondary authentication server and the Active Directory server (for example, NSR-AD-98) as the primary authentication server in the device:

  2. Implementing the  Primary and Secondary authentication at the Realm level:



    For additional authentication with the Radius server:
     
    • Authentication #2: Select the Secondary Authentication (as the Radius Authentication server instance; for example, RAS-Radius).
  3. Specify by user on sign-in page: it will take the user name that is specified during the first authentication.
 
  • Specify by user on sign-in page: it will take the user password that is specified during the first authentication.
 
  • The End session if authentication against this server fails check box should be selected; it will end the session, if the authentication fails during the secondary authentication.
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255