Add a RADIUS Profile

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

A RADIUS profile is a named collection of attributes that specify session requirements for a user requesting remote network access. Attributes are contained in a checklist or return list.

You can add a profile to create a collection of checklist and return list attributes that you want to assign to users, user aliases, trusted users, or agents.

Procedure 

  1. In the Security Console, click RADIUS > RADIUS Profiles > Add New.

  2. In the Profile Name field, enter a unique name that identifies the purpose for this profile, for example, SALES.

    After you save the profile, you cannot change its name. If you want to rename the profile, you must delete it and then add a new profile with the new name.

  3. In the Notes field, enter any notes for this profile, for example, Use this profile for all employees in Sales.

  4. In Return List Attributes, do one of the following:

    • If you want to add an attribute, select each return list attribute, enter its corresponding value for this profile, and click Add. For more information about the attributes and their values, see the RADIUS client documentation.

    • If you want to remove an attribute, select the attribute from the list box, and click Remove.

    • If you want to update an attribute, select the attribute from the list, enter the updated value in the field, and click Update. If you enter a multivalued return list attribute (marked with an M) that is orderable (marked with an O), click Up or Down to specify the necessary order for the attribute and its value.

    • If you do not want to specify a particular value, but want to make sure that the attribute value in the RADIUS request is echoed to the client in the RADIUS response, select Echo for the attribute.

  5. In Checklist Attributes, do one of the following:

    • If you want to add an attribute, select each checklist attribute, enter its corresponding value for this profile, and click Add. For more information about the attributes and their values, see the RADIUS client documentation.

    • If you want to remove an attribute, select the attribute from the list box, and click Remove.

    • If a RADIUS client does not send one of these attributes (for example, Port-Limit), and you select Default for the attribute (for example, Port-Limit), the RADIUS server still processes the authentication request. If a RADIUS client does not send one of these attributes, and you do not select Default for the attribute, the RADIUS server rejects the authentication request.

  6. Click Save.

  7. To notify the RADIUS replica servers about this new profile, initiate replication to the replica servers. Once configured, replication takes place every 15 minutes. For instructions, see Initiate Replication to RADIUS Replica Servers.

 

 


Attachments

    Outcomes