Radius Configuration

1. Select > USERS & ACCOUNTS > Remote Authentication. 

2. The REMOTE AUTHENTICATION page displays.

3. From the Scheme options, select Radius.

4. Choose the desired Mode:

   • RADIUSDownLocal

   • RADIUS Mode

   • LocalRADIUS

   • RADIUSLocal

5. Enter the Address and optionally the Port of the Remote Authentication Server to query. The default port is 1812.

   Note: Click Add Authentication Server to add multiple servers.

6. Enter the Address and optionally the Port of the Remote Accounting Server to send accounting information to. The default port is 1813.

   Note: Click Add Accounting Server to add multiple servers.

7. Enter and confirm the Server Password also known as the RADIUS Secret.

8. Click Apply.

To provide group membership, RADIUS needs to be configured to provide a list of group names via the Framed-Filter-Id attribute.

The following configuration snippet shows how this can be configured for FreeRADIUS:

operator1 Auth-Type := System Framed-Filter-ID = ":group_name=west_coast_admin,east_coast_user:"

Note: The Framed-Filter-ID attribute must be delimited by the colon character.