Add a RADIUS ProfileAdd a RADIUS Profile
A RADIUS profile is a named collection of attributes that specify session requirements for a user requesting remote network access. Attributes are contained in a checklist or return list.
You can add a profile to create a collection of checklist and return list attributes that you want to assign to users, user aliases, trusted users, or agents.
Before you begin
At least one RADIUS client must exist in the deployment before you can create a RADIUS profile.
Procedure
-
In the Security Console, click RADIUS > RADIUS Profiles > Add New.
-
In the Profile Name field, enter a unique name that identifies the purpose for this profile, for example, SALES.
After you save the profile, you can change its name by editing the profile.
-
In the Notes field, enter any notes for this profile, for example, Use this profile for all employees in Sales.
-
In Return List Attributes, do one of the following:
-
If you want to add an attribute, select each return list attribute, enter its corresponding value for this profile, and click Add.
You can add an attribute more than one time. Multiple-value attributes may appear several times in the checklist or return list. Any one of the values is valid. For more information about the attributes and their values, see the RADIUS client documentation.
-
If you want to remove an attribute, select the attribute from the list box, and click Remove.
-
If you want to update an attribute, select the attribute from the list, enter the updated value in the field, and click Update. If an attribute appears more than once in the return list, click Up or Down to specify the necessary order for the attribute and its value.
-
If you do not want to specify a particular value, but want to make sure that the attribute value in the RADIUS request is echoed to the client in the RADIUS response, select Echo for the attribute.
-
-
In Checklist Attributes, do one of the following:
-
If you want to add an attribute, select each checklist attribute, enter its corresponding value for this profile, and click Add. For more information about the attributes and their values, see the RADIUS client documentation.
You can add an attribute more than one time. Multiple-value attributes may appear several times in the checklist or return list. Any one of the values is valid. For more information about the attributes and their values, see the RADIUS client documentation.
-
If you want to remove an attribute, select the attribute from the list box, and click Remove.
-
If a RADIUS client does not send one of these attributes (for example, Port-Limit), and you select Default for the attribute (for example, Port-Limit), the RADIUS server still processes the authentication request. If a RADIUS client does not send one of these attributes, and you do not select Default for the attribute, the RADIUS server rejects the authentication request.
-
-
Click Save.
After you finish
-
(Optional) Specify the Default RADIUS Profile. By default, RSA RADIUS does not contain a default RADIUS profile. You must be a Super Admin to specify the default profile.
-
Assign RADIUS profiles to users, user aliases, trusted users, and authentication agents associated with RADIUS clients. For more information, see RADIUS Profile Associations.