Using RADIUS
Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. In addition, any user passwords are sent encrypted between the client and RADIUS server, to eliminate the possibility that someone snooping on an unsecured network could determine a user's password.
There has been some confusion in the assignment of port numbers for this protocol. The early deployment of RADIUS was done using the erroneously chosen port number 1645, which conflicts with the "datametrics" service. The officially assigned port number for RADIUS is 1812. So, be sure which port your RADIUS server uses before configuring it in the Prestige.
[Note]: The Prestige is configured with default port 1645, please reboot the Prestige it is changed to 1812.
# Zyxel proprietary attributes ATTRIBUTE Zyxel-Callback-Option 192 integer VALUE Zyxel-Callback-Option None 0 VALUE Zyxel-Callback-Option Optional 1 VALUE Zyxel-Callback-Option Mandatory 2 # Zyxel
Callback phone number source |
3. Enter the RADIUS client IP and the encrypted key in the 'Clients' file. See an example below.
# This file contains a list of clients which are allowed to make # authentication requests and their encryption key. # The first field is a valid hostname for the client. # The second field (separated by blanks or tabs) is the encryption key. # #Client Name Key #---------------- ------------------- #portmaster1 testing123 203.66.113.187 key187 |
In this example, the new client 203.66.113.187 is the Prestige router. The key 'key187' must be configured in SMT Menu 23.2 later..
4. Enter the user profile including username and password in the 'Users' file. See an example below.
# Example 1: PPP user without callback. # # Username Password= " " #---------------------------------------------------------- ray Password = "12345" # # Example 2: PPP user with Callback. # # Username Password= " " #---------------------------------------------------------- test Password = "1234" Zyxel-Callback-Option = Mandatory, Zyxel-Callback-Phone-Source = Preconfigured CallBack-Number = "523444"
|
5. Run "RADIUS.EXE -X15" to turn on the RADIUS service.
|
Key Settings:
6. Please check there is no duplicate user setting in SMT menu 14 compared to the 'Users' file in step 4.
All contents copyright © 1999 ZyXEL Communications Corporation.