ADC

RADIUS authentication using TCP or TLS

October 14, 2023

Contributed by:

C H S

Starting from release 13.1–27.59, RADIUS authentication is supported on TCP and TLS protocols as well.

Note:

The Test RADIUS Reachability option is not supported for RADIUS on TCP and TLS transport types.

RADIUS authentication using UDP is not supported on FIPS appliances.

Configure RADIUS over TCP by using the CLI

At the command prompt type:

add authentication radiusAction <name> [-serverIP] [-serverPort ] [-transport <transport>]
<!--NeedCopy-->

Example:

add authentication radiusAction RadAction -serverIP 1.1.1.1 -radkey 123 -transport TCP
<!--NeedCopy-->

Configure RADIUS over TCP by using the GUI

Navigate to Security > AAA - Application Traffic > Policies > Authentication > Advanced Policies > Actions > RADIUS.
Select an existing server or create a server.

For details on creating a server, see To configure a RADIUS server by using the GUI.
In Transport, select TCP.
Click Create.

Configure RADIUS over TLS by using the CLI

At the command prompt type:

add authentication radiusAction <name> [-serverIP] [-serverPort ] [-transport <transport>] [-targetLBVserver <string>]
<!--NeedCopy-->

Example

add authentication radiusAction RadAction -serverIP 1.1.1.1 -radkey 123 -transport TLS -targetLBVserver rad-lb
<!--NeedCopy-->

Note:

Server name is not supported for TLS transport type.

For the TLS transport type, configure a target load balancing virtual server of type TCP and bind a service of type SSL_TCP to this virtual server.

The IP address and the port number configured for RADIUS action must match the IP address and port number of the configured target load balancing virtual server.

Configure RADIUS over TLS by using the GUI

Navigate to Security > AAA - Application Traffic > Policies > Authentication > Advanced Policies > Actions > Servers.
Select an existing server or create a server.

For details about creating a server, see To configure a RADIUS server by using the GUI.
In Transport, select TLS.
In Target Load Balancing Virtual Server, select the virtual server. For details on creating a load balancing virtual server, see Creating a virtual server.
Note:
- Server name is not supported for TLS transport type.
- For the TLS transport type, configure a target load balancing virtual server of type TCP and bind a service of type SSL_TCP to this virtual server.
- The IP address and the port number configured for RADIUS action must match the IP address and port number of the configured target load balancing virtual server.
Click Create.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

RADIUS authentication using TCP or TLS

October 14, 2023

Contributed by:

C H S

October 14, 2023

Contributed by:

C H S

RADIUS authentication using TCP or TLS

Configure RADIUS over TCP by using the CLI

Configure RADIUS over TCP by using the GUI

Configure RADIUS over TLS by using the CLI

Configure RADIUS over TLS by using the GUI

In this article