RADIUS Authentication screen
This screen allows you to specify that the Authentication Manager should make a RADIUS call to delegate authentication to an existing RADIUS authentication manager instead of using Powertech Multi-Factor Authentication to authenticate users.
See Configuring RADIUS Authentication.
How to Get There
In the Navigation Pane, choose RADIUS Authentication.
Options
Authenticate Using RADIUS; Off • On
Toggle this switch to On to indicate that you intend to use a RADIUS server for user authentication. Additional RADIUS settings appear. Toggle this switch to Off if you do not intend to use a RADIUS server for user authentication.
Validate Settings
Click this button to validate the settings with the RADIUS server.
Server
Server Location
The IP address or domain name of the RADIUS server.
Port
This is the port number used to communicate with the RADIUS server. The default value is 1812.
Secret Key •
The Secret Key used to access the RADIUS server. Click to show the text.
Timeout
The number of seconds before the connection attempt is aborted.
Retries
The number tries before the connection attempt is aborted.
Authentication
Authentication Protocol; PAP • CHAP
Choose the protocol used to authenticate; Password Authentication Protocol (PAP), or Challenge Handshake Authentication Protocol (CHAP).
Authentication Manager Type
- RSA SecurID: RSA SecurID authentication manager, with RADIUS support enabled. When selected, the Authentication Prompt field is set to "Enter passcode" and cannot be changed per RSA's standards.
- RADIUS Server Requiring Only User Name: RADIUS server configured to authenticate without first requiring the user to enter credentials (for example, Duo RADIUS proxy configured for mobile only authentication).
- RADIUS Server Requiring Credentials: RADIUS server configured to request credentials (user name/password/OTP) from a user before authentication.
Authentication Prompt
The prompt displayed to the authenticating user. This field can be modified unless RSA SecurID is selected for the Authentication Manager Type, in which case RSA's standard "Enter passcode" language is used for the authentication prompt (and cannot be changed).