This article provides information on how to change the default RADIUS authentication ports of 1645 and 1812 to a non-standard ports.
To make these changes from the Operations Console, 1. Login to the Operations Console and select Deployment Configuration > RADIUS Servers.2. Click on the context arrow next to the name of the RADIUS primary server and choose Manage Server Files.3. Click on the context arrow next to the radius.ini file and select Edit.4. Scroll to the [Ports] section. Note that UDPAuthPort is used for RADIUS authentication and UDPAcctPort is for RADIUS accounting. 5. Change the port number according to the business requirements. By default the entries will look like the example below:
[Ports]
TcpControlPort = 1812
;TcpControlAddress = 1.2.3.4
SecureTcpAdminPort = 1813
;SecureTcpAdminAddress = 1.2.3.4
UDPAuthPort = 1645
UDPAcctPort = 1646
UDPAuthPort = 1812
UDPAcctPort = 1813
;UDPProxyPortBlockStart = 28000
;UDPProxyPortBlockLength = 64
6. The following example shows that the UDPAuthPort was changed to 2500 and RADIUS authentication is allowed on both 2500 and 1812.
[Ports]
TcpControlPort = 1812
;TcpControlAddress = 1.2.3.4
SecureTcpAdminPort = 1813
;SecureTcpAdminAddress = 1.2.3.4
UDPAuthPort = 2500
UDPAcctPort = 1646
UDPAuthPort = 1812
UDPAcctPort = 1813
;UDPProxyPortBlockStart = 28000
;UDPProxyPortBlockLength = 64
7. Click Save and Restart RADIUS Server for the change to take effect.
8. If there are any replicas in the deployment, the radius.ini for the replica can be changed through the primary server’s Operations Console. To do this, repeat Steps 4 – 9 for each replica.
An alternative way to make the change would be to login as the rsaadmin user to the primary server via SSH, vSphere or a direct connection.1. Navigate to /opt/rsa/am/radius.2. Open the radius.ini file in a text editor.3. Edit the [Ports] section as in the samples above.4. Navigate to /opt/rsa/am/server and restart the RADIUS service using the command ./rsaserv restart radius.5. Repeat steps 1 – 4 on each replica in the deployment.
