Configuring a radius proxy – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility RFS Controller System Reference Guide

649

53-1003099-01

11

4. Specify a Shared Secret for authenticating the RADIUS client.

Shared secrets verify RADIUS messages with RADIUS enabled device configured with the
same shared secret. Select the Show checkbox to expose the shared secret’s actual
character string, leaving the option unselected displays the shared secret as a string of
asterisks (*).

5. Click OK button to save the server policy’s client configuration. Click the Reset button to revert

to the last saved configuration.

Configuring a RADIUS Proxy

A user’s access request is sent to a proxy server if it cannot be authenticated by local RADIUS
resources. The proxy server checks the information in the user access request and either accepts
or rejects the request. If the proxy server accepts the request, it returns configuration information
specifying the type of connection service required to authenticate the user.

The RADIUS proxy appears to act as a RADIUS server to the NAS, whereas the proxy appears to act
as a RADIUS client to the RADIUS server.

When the RADIUS server receives a request for a user name containing a realm, the server
references a table of configured realms. If the realm is known, the server proxies the request to the
RADIUS server. The behavior of the proxying server is configuration-dependent on most servers. In
addition, the proxying server can be configured to add, remove or rewrite requests when they are
proxied.

To define a proxy configuration:

1. Select the Proxy tab from the RADIUS Server Policy screen.

FIGURE 24

RADIUS Server Policy screen - Proxy tab