RADIUS Authentication

Up to 2 RADIUS servers can be programmed.

Config Type Default Description
c.radius.servers[#].name string '' The IP address, or name, of the RADIUS server. If c.radius.servers[1].name is blank then RADIUS is disabled.
c.radius.servers[#].port integer 1812 The UDP port number for the server. Common values are 1645 and 1812.
c.radius.timeout integer 2 The timeout (in seconds) for the RADIUS servers. Each RADIUS server is tried twice before trying the next.
c.radius.servers[#].secret string '********' The shared secret for this server. Note that this value is always write-only, and you will only ever read eight asterisks.
c.radius.nasid string '' The NAS-Identifier that is sent in each RADIUS request. If blank, this will be the string “00-02-ae-xx-xx-xx” (i.e. now an override value)
c.radius.nasip string '' The NAS-IP-Address value that is sent in each RADIUS request. If the value is blank then the NAS-IP-Address value is not included in the request.
c.radius.web string 'L' The authentication method for the web-server. See: #RADIUS vs Local
c.radius.passthru string 'L' The authentication method for the pass-through sockets. See: #RADIUS vs Local
c.radius.tcp string 'L' The authentication method for the TCP Server Delivery. See: #RADIUS vs Local
c.radius.ftp string 'L' The authentication method for the FTP Server Delivery. See: #RADIUS vs Local

RADIUS vs Local

Value Description
'L' Local only
'R' RADIUS only
'T' RADIUS then Local on timeout
'B' Both RADIUS and Local.