RADIUS configuration
In this post we will take a look at idemeum RADIUS application configuration.
Need end to end guide?
We have published end-to-end quick-start guides so that you can set up idemeum RADIUS integration for Wi-Fi or VPN with username / password, or Passwordless MFA login.
Looking for integration guide?
We have certified some RADIUS integrations and created the integration guides for them.
Overview
RADIUS integration in idemeum is represented as an application. We have created two RADIUS applications - one for Wi-Fi and one for VPN. You navigate to Applications
section, create a Radius application, configure it, and then decide which of your users will have access to this application. For instance, you can control what users can login to Wi-Fi with cloud credentials, or what groups of users can connect to VPN with Passwordless MFA.
RADIUS application configuration
Basic settings
- Navigate to your customer admin portal →
customer-<your msp domain>.idemeum.com
- Choose
Applications
in the left menu - Click
Add app
thenCatalog app
- Then search for
radius
in the search bar, choose Wi-Fi or VPN RADIUS application and clickAdd app
- Now you can set up the configuration options for your RADIUS application
Public IP address
- enter the IPv4 address of where the requests will be coming from. Typically this is your WAN / Public IP address of the router.Shared secret
- secret that protects the communication between your Wi-Fi or VPN NAS. You will need this value when you set up the integration with your infrastructure.Authentication mode
- choose how your users will be authenticated to Cloud RADIUS, i.e. password, MFA, etc.
Advanced settings (optional)
We support an advanced use case where you can configure both VPN and Wi-Fi RADIUS integrations where requests will be originating from the same public IP address. For this to work, we still need to differentiate the RADIUS requests, as a result we will need to rely on the NAS IP Address
. Typically this will be the internal IP address of your integrating device, i.e internal IP address of VPN gateway.
- Expand the
Advanced settings
menu - Add the
NAS IP addresses
for the RADIUS integrating products
Save
the configuration
Entitle RADIUS application
Now you need to configure who will have access to this RADIUS application. You can entitle application directly to users, or can leverage idemeum groups for that. For example, if you want to entitle your RADIUS application to all users:
- Navigate to
Entitlements
- Create a new rule and provide a rule name
- Choose
Group
for IF condition - Select
All users
group - Choose the RADIUS application that you created
Questions?
Drop us a note in Discord chat if you have any questions.