Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service. The RADIUS protocol is supported by authentication methods in the Smart ID Digital Access component. See also Examples - Set up Nexus OTP and Nexus Mobile Text as 2FA.
RADIUS client and RADIUS server
A RADIUS client is the client connecting to a RADIUS server for authentication.
-
The RADIUS client can be the policy service, a firewall, or the RADIUS plug-in for the policy service.
-
Usually, the RADIUS server is the authentication service, but it can proxy the access request to another authentication server, depending on the authentication method being used.
RADIUS back-end server
RADIUS back-end servers refer to authentication servers handling third-party authentication methods. The authentication service can proxy access requests to one or several back-end servers. A back-end server can be an RSA SecurID Server, for example.
Step-by-step instructions
Before you start, log in to Digital Access Admin with an administrator account.
Add RADIUS client
-
In Digital Access Admin, go to Manage System.
-
Click RADIUS Configuration > Add RADIUS Client...
-
Enter General Settings and Attributes. Click the ?-sign for help.
-
Click Save.
Add RADIUS back-end server
To enable the use of RADIUS back-end servers:
-
In Digital Access Admin, go to Manage System.
-
Click Authentication Service > Manage Global Authentication Service Settings...
-
Check Proxy unknown users.
-
Click Save.
To add RADIUS back-end server:
-
In Digital Access Admin, go to Manage System.
-
Click RADIUS Configuration > Add RADIUS Back-End Server...
-
Enter General Settings. Click the ?-sign for help.
-
Click Save.