When dialing-in using the PPP protocol (Point-to-Point protocol), RADIUS can be used to check client access authorizations. A client can dial-in to the network from anywhere. The resulting data transmission between client and authenticator is encrypted.
LANconfig: Communication / RADIUS
WEBconfig: LCOS menu tree / Setup / WAN / RADIUS
- Radius server [default: disabled]
When authenticating using RADIUS, the user administration and authentication
tasks are passed on to a RADIUS server.
- Disabled: The functionality of RADIUS is disabled and no requests are forwarded to the RADIUS server.
- Enabled: The functionality of RADIUS is enabled and requests may be forwarded to the configured RADIUS server. Depending on the setting, other sources may be used for the authentication process (e.g. PPP list).
- Exclusive: RADIUS functionality is enabled and the authentication process is run exclusively by RADIUS.
- Server IP address Specify here the IP address of your RADIUS server from which users are managed centrally.
- Server port [default: 1.812] Specify here the port used for communication to your RADIUS server.
- Key (shared secret) Specify here the key to be used for coding data. The key must also be configured on the RADIUS server.
- PPP mode [default: disabled]
A RADIUS server may be used for the authentication process when dialing-in
using PPP.
- Disabled: PPP clients are not authenticated using RADIUS. They are checked exclusively using the PPP list.
- Enabled: RADIUS authentication for PPP clients is enabled. User data supplied by clients is first checked using the PPP list. If no matching entry is found in the PPP list, the client is checked by the RADIUS server. Authentication is successful if the PPP list checkor RADIUS server check returns as positive.
- Exclusive: RADIUS authentication for PPP clients is enabled. User data supplied by clients is checked exclusively by the RADIUS server. In this mode, it is just the advanced settings of the PPP list for the user which are interpreted (e.g. check for PAP/CHAP – or the allowed protocols IP, IPX and/or NetBIOS).
- CLIP mode [default: disabled]
A RADIUS server may be used for control of a return call when dialing-in
using PPP.
- Disabled: The return call function is not controlled by RADIUS. Only those entries in the name list are used.
- Enabled: The RADIUS function for the return call is enabled. Telephone
numbers reported by clients are first checked using the name list.
If no matching entry is found in the name list, the telephone number
is checked by the RADIUS server. If the name list check or RADIUS
server check returns as positive, a return call can be established. Note: If the telephone number communicated is in the name list, but no return call is active there, RADIUS ceases checking.
- Exclusive: The RADIUS function for the return call is enabled. User data reported by clients is checked exclusively by the RADIUS server.
- CLIP password
Password for return call control.
Note: The generic values for retry and timeout must also be configured . They are under PPP on the same page as PPP parameters.