RADIUS configuration
In this post we will take a look at idemeum RADIUS application configuration.
Create RADIUS application
- Navigate to your customer admin portal →
customer-<your msp domain>.idemeum.com
- Choose
Applications
in the left menu - Click
Add app
thenCatalog app
- Then search for
RADIUS
in the search bar, choose Wi-Fi or VPN RADIUS application and clickAdd app
- Now you can set up the configuration options for your RADIUS application
Public IP address
- enter the IPv4 address from where the requests will be coming from. Typically this is your WAN / Public IP address of the router.Shared secret
- secret that protects the communication between your Wi-Fi or VPN NAS. You will need this value when you set up the integration with your infrastructure.Authentication mode
- choose how your users will be authenticated to Cloud RADIUS, i.e. password, or MFA.
Advanced settings
We support an advanced use case where you can configure both VPN and Wi-Fi RADIUS integrations where requests will be originating from the same public IP address. For this to work, we still need to differentiate the RADIUS requests, as a result we will need to rely on the NAS IP Address
. Typically this will be the internal IP address of your integrating device, i.e internal IP address of VPN gateway.
- Expand the
Advanced settings
menu - Add the
NAS IP addresses
for the RADIUS integrating products
❗
Sending NAS IP address needs to be supported by your application. Some integrating devices might not support this feature. Check the documentation of your VPN and W-Fi products.
Save
the configuration
Entitle RADIUS application
Now you need to configure who will have access to this RADIUS application. You can entitle application directly to users, or can leverage idemeum groups for that. For example, if you want to entitle your RADIUS application to all admins:
- Navigate to
Entitlements
- Create a new rule and provide a rule name
- Choose
Group
for IF condition - Select
All admins
group - Choose the RADIUS application that you created