7.4 Setting Up the iChain RADIUS Client

To set up the iChain RADIUS Client, complete these tasks:

7.4.1 Adding a RADIUS Authentication Profile

  1. In the proxy server administration tool, click Configure, click Authentication, then click Insert.

  2. Specify a name for the Radius profile.

  3. Click RADIUS Authentication, then click RADIUS Options.

  4. Specify the RADIUS server's IP address.

  5. Specify 1645 for the Novell NMAS RADIUS server's port number.

  6. Specify the shared secret set up in Adding the iChain Proxy Server As a Client of the DAS Object.

  7. Click OK twice, then click Apply.

7.4.2 Adding RADIUS Authentication to an Accelerator

  1. In the proxy server administration tool, click Configure, then click Web Server Accelerator.

  2. Select the accelerator you want to add the RADIUS authentication profile to.

  3. Click Modify, click Enable Authentication, then click Authentication Options.

  4. Select the Radius profile created in Adding a RADIUS Authentication Profile.

  5. Click Add, click OK twice, then click Apply.

You are now ready to authenticate through RADIUS by using the token login method.

7.4.3 Adding an LDAP Profile for Mapping a RADIUS User in the Authentication LDAP Directory

If you are using RADIUS as your only authentication method for an accelerator, then the RADIUS user must be mapped to a user in the authentication LDAP directory. Create an LDAP authentication profile named ldaprad to be used for the mapping. Make sure you specify the following:

  • Server address

  • User name and password for searches

  • LDAP login method

NOTE:If there is not an ldaprad profile to do the mapping, or if the configuration of the ldaprad profile does not locate a user, the authentication fails, even when the RADIUS server returns a success to the iChain server on the authentication.