Starting in Secret Server 7.0, Secret Server allows the use of RADIUS two-factor authentication on top of the normal authentication process for additional security needs.
To configure RADIUS for your instance of Secret Server, follow the steps below
-
Login to an account with Administer Configuration and Administer RADIUS permissions.
-
Go to Administration menu, choose Configuration, and select the Login tab.
-
You need to setup Secret Server with your RADIUS server information by going into edit mode:
- Enable RADIUS Integration
- RADIUS Server IP (IP address to your RADIUS Server).
- RADIUS Client Port (default 1812, NOTE: if your RADIUS server runs on the same machine as your Secret Server, client and server ports must be different).
- RADIUS Server Port (default 1812 for RSA and 1812 for AuthAnvil).
- RADIUS Shared Secret (must match chosen RADIUS shared secret on your RADIUS Server). Note this is a Radius term ("Shared Secret") and is not related to any Secret Server secret.
- RADIUS Login Explanation (custom message or instruction). Defaults to "Please enter your RADIUS passcode".
-
Click Save button after you have confirmed your entries.
-
To test your settings, click the Test RADIUS Login button.
After enabling RADIUS on your Secret Server, you must enable RADIUS two-factor authentication for each user. You can enable it on a per-user basis. To do so, follow the steps below:
- Login to an account with Administer Configuration and Administer RADIUS permissions.
- Go to Administration menu, choose Users, and click on the User Name of the user you wish to enable.
- Click on the Edit button, and check the RADIUS Two Factor Authentication box.
- Enter the RADIUS User Name for this user in the text box (NOTE: Secret Server defaults this value to its user name. If you wish to use this default name, it must match the user name on the RADIUS server.)
- Review your settings and click Save.
- Repeat 3-5 for each user that needs to use RADIUS.
Article ID: 69, Created On: 1/8/2010, Modified: 6/22/2011