RSA RADIUS already has an Ascend RADIUS dictionary with the RADIUS attributes Ascend-Client-Primary-DNS (attribure 135) & Ascend-Client-Secondary-DNS (attribute 136) which have been confirmed to work with the Telstra Next G wireless service. Prerequisite : RSA RADIUS needs to be configured for RSA SecurID Appliance 3.0 Service Pack 4 or RSA Authentication Manager 7.1 Service Pack 4 (by default RSA RADIUS is configured during the deployment of RSA Authentication Manager 8.x). The RADIUS client configured for the Telstra Next G wireless service must have a Make / Model of 'Ascend MAX Family' in order to use the two RADIUS attributes; RADIUS attributes Ascend-Client-Primary-DNS (attribure 135) & Ascend-Client-Secondary-DNS (attribute 136).
Steps:
With an administrative account use Security Console > RADIUS > RADIUS Client > Manage Existing > Left-click Client Name and select Edit. Change the Make / Model field in RADIUS Client Settings and Save the changes.
Example:
..this then allows the administrator to select Ascend-Client-Primary-DNS & Ascend-Client-Secondary-DNS RADIUS attributes from the Attribute drop-down in the Return List Attributes section of the RADIUS profile.
With an administrative account use Security Console > RADIUS > RADIUS profiles > Add New > Enter a Profile Name, select the required Attributes and click Save. Alternatively use Security Console > RADIUS > RADIUS profiles > Manage Existing > Left-click Profile Name and select Edit. Add the Ascend-Client-Primary-DNS & Ascend-Client-Secondary-DNS to the existing RADIUS Profile and click Save. Example:
The next step is to assign the saved RADIUS profile to the end user (if not do so already) via Identity > Users > Manage Existing > use the Search Criteria to find the user > Left-click User ID and select Authentication Settings from the menu. In the RADIUS section of Authentication Settings select the RADIUS profile name using the pull-down for User RADIUS Profile and Save.
Example:
 Perform RADIUS authentication tests to confirm the RADIUS attributes are being returned to the RADIUS client after a successful authentication. |