B.0 Radius Authentication Options

You can use different authentication protocols through the RADIUS server.

Authentication Protocol

radiusAuthType

eDir-Auth-Option

password_attribute

PAP

LDAP

Leave as blank

Leave as blank

CHAP

CHAP

Leave as blank

nspm password

Token-based Authentication (OTP)

LDAP

digipass (for VASCO digipass method)

Leave as blank

Ensure that you use the following settings for these authentication protocols:

  • For PAP, CHAP, and OTP, ensure that you specify an appropriate value for the radiusAuthType attribute for each authentication protocol as indicated in the table.

  • On SUSE Linux Enterprise Server (SLES) 10, add the default authentication entry in the /etc/raddb/users configuration file. For more information, see Configuring Token Authentication for FreeRADIUS on SLES.

  • On SLES 11, select digipass as default login sequence for token-based authentication. For more information, see Configuring Token Authentication for FreeRADIUS on SLES

  • CHAP authentication requires Universal Password. Enable the password_attribute and set it to nspmpassword.