Settings
Go to Common Settings to configure the general settings for RADIUS Server.
Authentication methods supported by RADIUS Server: PAP, MS-CHAP, PEAP, EAP-MSCHAPv2, and EAP-TTLS.
- Authentication port: RADIUS Server's port number for interface protocols. The default value is 1812 for authentication.
- Select network interface: Select the network interfaces that are connected to RADIUS client devices (e.g., a router). RADIUS Server provides authentication services only for access requests coming from the specified interface.
- TLS/SSL profile level: Select the security level for HTTPS encrypted connections.
- Intermediate compatibility: The default setting. This option is recommended because it is compatible with general-purpose browsers but is not compatible with insecure cipher suites.
- Old backward compatibility: This option is not secure but it is compatible with most browsers, as well as outdated and insecure cipher suites. Select this option only if a high level of browser compatibility is necessary. The table below shows the TLS version supported by each compatibility level.
Compatibility TLS Version Intermediate 1.2 Old backward 1.2, 1.1, and 1.0 - Source for user authentication: RADIUS Server can authenticate local users, LDAP users, or domain users. The user account format is shown below (the account is not case sensitive):
- Local user account: tonywu
- LDAP user account: tonywu@ldap.domain
The user account name you enter (e.g., "tonywu") will be translated to "tonywu@the LADP domain you joined". - Domain user account: AD\tonywu
If the source of user account is AD domain and it has a trust relationship with another domain, the account name you enter (e.g., "tonywu") will be translated to "the domain you joined\tonywu".
Note:
- Go to Control Panel > Domain/LDAP to set up an AD domain or LDAP environment before selecting AD domain accounts or LDAP service accounts.
- A user who is deactivated at Control Panel > User & Group cannot be authenticated by RADIUS Server.