Control | Description |
Set a Global Default Key | Enables a global server key for the RADIUS server. |
Global Key | Specify the global server key. |
Confirm Global Key | Confirm the global server key. |
Timeout | Specify the time-out period in seconds (1 to 60). The default value is 3. |
Retries | Specify the number of times you want to allow the user to retry authentication. The default value is 1. |
Apply | Applies your settings to the running configuration. |
Control | Description |
Add a RADIUS Server | Displays the controls to add a RADIUS server. |
Hostname or IP Address | Specify the hostname or server IP address. The IP address can be either IPv4 or IPv6. For IPv6 specify an IP address using this format: eight 16-bit hexadecimal strings separated by colons, 128-bits. For example: 2001:38dc:0052:0000:0000:e9a4:00c5:6282 You don’t need to include leading zeros. For example: 2001:38dc:52:0:0:e9a4:c5:6282 You can replace consecutive zero strings with double colons (::). For example: 2001:38dc:52::e9a4:c5:6282 |
Authentication Port | Specify the port for the server. |
Authentication Type | Select one of these authentication types: • PAP - Password Authentication Protocol (PAP), which validates users before allowing them access to the RADIUS server resources. PAP is the most flexible protocol but is less secure than CHAP. • CHAP - Challenge-Handshake Authentication Protocol (CHAP), which provides better security than PAP. CHAP validates the identity of remote clients by periodically verifying the identity of the client using a three-way handshake. This validation happens at the time of establishing the initial link and might happen again at any time. CHAP bases verification on a user password and transmits an MD5 sum of the password from the client to the server. • MS-CHAPv2 - MS-CHAP is the Microsoft version of CHAP. MS-CHAPv2 is a more secure authentication protocol than PAP or CHAP. (CHAP uses MD5 while MS-CHAPv2 uses MD4 and SHA-1 which might not be FIPS compliant.) |
Override the Global Default Key | Overrides the global server key for the server. |
Server Key - Specify the override server key. | |
Confirm Server Key - Confirm the override server key. | |
Timeout | Specify the time-out period in seconds (1 to 60). The default value is 3. |
Retries | Specify the number of times you want to allow the user to retry authentication. Valid values are from 0 to 5. The default value is 1. |
Enabled | Enables the new server. |
Add | Adds the RADIUS server to the list. |
Remove Selected | Select the check box next to the name and click Remove Selected. |