Configuring group-level radius authentication – Panasonic NN46110-600 User Manual
Page 64
Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".
54 Chapter 2 Configuring servers
If a valid class attribute is not returned, then PPTP users are placed in the default
group as configured on the Servers > RADIUS Auth window.
Note: Everything about the authentication type must match; for
example, if you send an encrypted password, then MS-CHAP must be
enabled on the RADIUS authentication window and the RADIUS server
must support MS-CHAP.
Configuring group-level RADIUS authentication
In remote access deployments, if you want to partition users across several
different RADIUS servers, the VPN Router can connect to the appropriate server
when authenticating a specific user. This group-level authentication is particularly
useful for large installations with many different databases, and for carriers that
have a business need to keep customer authentication domains separate.
To configure the group-level RADIUS authentication server for each group:
1
Select
Profiles
>
Groups
>
Edit
>
IPsec Configure
.
2
Click the
Configure Group Level RADIUS Servers
link in the
Authentication
section. You can configure the following:
A primary and two alternate RADIUS servers
IP address, interface, port, and secret
UserID suffix removal and delimiter value
Response Time out and Maximum Transmission Attempts
For user name/password authentication, the PAP/CHAP settings are
retrieved from the Servers > RADIUS Authentication Servers window.
NN46110-600