RSA RADIUS Overview

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

You can use RSA RADIUS with RSA Authentication Manager to directly authenticate users attempting to access network resources through RADIUS-enabled devices. A RADIUS server receives remote user access requests from RADIUS clients, for example, a VPN. The RADIUS server forwards the access requests to RSA Authentication Manager for validation. Authentication Manager sends accept or reject messages to the RADIUS server, which forwards the messages to the requesting RADIUS clients.

RADIUS is automatically installed and configured during the Authentication Manager installation. After installation, RADIUS is configured to run on the same instance with Authentication Manager.

You can use the Security Console to complete most tasks associated with managing RADIUS day-to-day operations.

Through the Security Console, you can manage the following objects:

  • View the RADIUS servers in your deployment, and the IP address and replication status of each RADIUS server.

  • Manage RADIUS clients and RADIUS client agents.

  • Manage RADIUS profiles, including assigning profiles to users, user groups and agents, and specifying a default profile.

  • Manage RADIUS user attributes and custom attributes.

  • View RADIUS server and RADIUS client statistics.

  • Initiate replication to the replica RADIUS servers.

  • Configure periodic replication to the replica RADIUS servers.

You use the Operations Console to configure RSA RADIUS and manage settings that must be made on individual instances running RSA RADIUS and for non-routine maintenance of the RADIUS servers. You perform the following tasks using the Operations Console:

  • View the RADIUS servers in your deployment, and the IP address and replication status of each RADIUS server.

  • Manage the certificates used by RSA RADIUS, including the RADIUS server certificate and the trusted root certificates for Extensible Authentication Protocol-Tunneled Transport Layer Security (EAP-TTLS) authentications.

  • Manage RADIUS server files, including RADIUS dictionary files and configuration files.

When using the Operations Console to modify RADIUS servers, the following restrictions apply:

  • Changes made to one RADIUS server are not replicated to the other RADIUS servers in your deployment, except for changes made to the following:

    • root certificates

    • peapauth.aut

    • ttlsauth.aut

  • You must restart the RADIUS server for the changes to take effect.

 

 

Related Concepts

RADIUS Profiles

Related Tasks

Add a RADIUS Client

 

 


Attachments

    Outcomes