RADIUS Authentication
Up to 2 RADIUS servers can be programmed.
| Config | Type | Default | Description |
|---|---|---|---|
c.radius.servers[#].name |
string | '' |
The IP address, or name, of the RADIUS server. If c.radius.servers[1].name is blank then RADIUS is disabled. |
c.radius.servers[#].port |
integer | 1812 | The UDP port number for the server. Common values are 1645 and 1812. |
c.radius.timeout |
integer | 2 |
The timeout (in seconds) for the RADIUS servers. Each RADIUS server is tried twice before trying the next. |
c.radius.servers[#].secret |
string | '********' |
The shared secret for this server. Note that this value is always write-only, and you will only ever read eight asterisks. |
c.radius.nasid |
string | '' |
The NAS-Identifier that is sent in each RADIUS request. If blank, this will be the string “00-02-ae-xx-xx-xx” (i.e. now an override value) |
c.radius.nasip |
string | '' |
The NAS-IP-Address value that is sent in each RADIUS request. If the value is blank then the NAS-IP-Address value is not included in the request. |
c.radius.web |
string | 'L' |
The authentication method for the web-server. See: #RADIUS vs Local |
c.radius.passthru |
string | 'L' |
The authentication method for the pass-through sockets. See: #RADIUS vs Local |
c.radius.tcp |
string | 'L' |
The authentication method for the TCP Server Delivery. See: #RADIUS vs Local |
c.radius.ftp |
string | 'L' |
The authentication method for the FTP Server Delivery. See: #RADIUS vs Local |
| Value | Description |
|---|---|
'L' |
Local only |
'R' |
RADIUS only |
'T' |
RADIUS then Local on timeout |
'B' |
Both RADIUS and Local. |