You set up RADIUS server authentication for the selected security policy in the RADIUS page.

RADIUS is an access control protocol that uses a challenge and response method for authenticating users. Setting up RADIUS server authentication is optional.

For details about the RADIUS feature, see the SteelHead User Guide.

The RADIUS page contains these groups of settings:

These configuration options are available:

Enables a global server key for the RADIUS server.

Specifies the global server key.

Confirms the global server key.

Specifies the time-out period in seconds (1 to 60). The default value is 3.

Specifies the number of times you want to allow the user to retry authentication. The default value is 1.

These configuration options are available:

Displays the controls for defining a new RADIUS server.

Specifies the server IPv4 or IPv6 address. For IPv6 specify an IP address using this format: eight 16-bit hexadecimal strings separated by colons, 128-bits. For example: 2001:38dc:0052:0000:0000:e9a4:00c5:6282

You don’t need to include leading zeros. For example: 2001:38dc:52:0:0:e9a4:c5:6282

You can replace consecutive zero strings with double colons (::). For example: 2001:38dc:52::e9a4:c5:6282

Specifies the port for the server. The default value is 1812.

Specifies the authentication type, choose from PAP, CHAP or MS-CHAPv2.

Overrides the global server key for the server.

Specifies the time-out period in seconds (1 to 60). The default value is 3.

Specifies the number of times you want to allow the user to retry authentication. Valid values are 0 to 5. The default value is 1.

Enables the new server.

Adds the RADIUS server to the list.

If you add a new server to your network and you don’t specify these fields at that time, the global settings are applied automatically.