Using RADIUS authentication profiles

You can control how clients are authenticated using third-party configuration properties in RADIUS authentication profiles.

About this task

To configure a SafeLinx Server to connect using RADIUS, or a combination of methods, create an authentication profile or profiles, then assign them to a connection profile or HTTP access service.

Procedure

  1. Click the Resources tab.
  2. Right-click the OU in which you want to create an authentication profile.
  3. Create an authentication profile. Select Add Resource > Authentication profile > RADIUS.
  4. If this is a connection profile for connection with SafeLinx Clients, determine if they should receive an additional challenge for authentication. If this option is not selected, the SafeLinx Client user account is passed to the RADIUS server. Then, edit the properties of the SafeLinx Server. Review the port number of the SafeLinx Server that listens for RADIUS servers. All RADIUS servers use the same port and shared secret.
  5. Determine if you want to enable lightweight third-party authentication (LTPA) and single sign-on (SSO). If so, specify the realm (or domain) to encode in the token, attribute to encode in the token, lifetime in minutes of the LTPA token, the SSO domain , and whether SSO should use transport layer security (TLS) connections only.
  6. Assign the authentication profile to the resource that uses it.

    Edit the properties of the connection profile or HTTP access services. Click the Security tab, then select the Authentication profile that you want.

    When all verifications that are configured pass, the SafeLinx Server finalizes the SafeLinx Client login.