Multi-Tech Systems RF660 User Manual
Chapter 6 – RouteFinder Software
Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)
56
Administration > User Authentication > RADIUS & SAM
Administration > User Authentication > RADIUS & SAM
RADIUS (Remote Authentication Dial-In User Service) is a protocol with which equipment such as an ISDN router can
access information from a central server for user authentication. It also manages technical information needed for the
communication of the router with the equipment of the caller. This includes, for example, the protocols used, IP addresses,
telephone numbers, timeouts, routes, etc. Together they create a user profile that is stored in a file or a database on the
RADIUS server. RADIUS is also used as a generic authentication protocol.
The RADIUS protocol is very flexible and is available for most operating systems, including Microsoft Windows NT/2000.
RouteFinder RADIUS implementation lets you configure access rights on the basis of proxies and users.
A RADIUS server should not be visible to the world at large, but should be contained behind the firewall. If the RADIUS
server is visible from the Internet, a number of attacks become possible.
access information from a central server for user authentication. It also manages technical information needed for the
communication of the router with the equipment of the caller. This includes, for example, the protocols used, IP addresses,
telephone numbers, timeouts, routes, etc. Together they create a user profile that is stored in a file or a database on the
RADIUS server. RADIUS is also used as a generic authentication protocol.
The RADIUS protocol is very flexible and is available for most operating systems, including Microsoft Windows NT/2000.
RouteFinder RADIUS implementation lets you configure access rights on the basis of proxies and users.
A RADIUS server should not be visible to the world at large, but should be contained behind the firewall. If the RADIUS
server is visible from the Internet, a number of attacks become possible.
Note:
In order to use any of these authentication methods, you must activate user authentication and the type of
authentication for the services. Mark the option (Local, SAM, RADIUS) in the select menu of the respective services. SSH by
default authenticates users using the local system, and you cannot disable local authentication for SSH; whereas, for
SOCKS and HTTP, any type of authentication can be enabled or disabled.
default authenticates users using the local system, and you cannot disable local authentication for SSH; whereas, for
SOCKS and HTTP, any type of authentication can be enabled or disabled.
RADIUS Prerequisite
Before you can activate RADIUS authentication, you need a RADIUS server on your network. The server could also
be somewhere in the external network (Internet). But, since the passwords are transferred in plain text, we strongly
recommend that the RADIUS server be located close to the RouteFinder and that they are connected via a
switching hub. In case of transfer via a public network, we recommend the use of an encrypted tunnel.
be somewhere in the external network (Internet). But, since the passwords are transferred in plain text, we strongly
recommend that the RADIUS server be located close to the RouteFinder and that they are connected via a
switching hub. In case of transfer via a public network, we recommend the use of an encrypted tunnel.
RADIUS Settings
RADIUS Server Address
Set the IP address of the RADIUS server.
RADIUS Server Secret
Enter the password for the RADIUS server.
Save
After entering the above parameters, click the Save button.
A Note About Microsoft IAS
For information about Microsoft’s IAS (RADIUS server for MS Windows NT and 2000), see Multi-Tech’s
RASExpress RADIUS Setup Reference Guide. The guide also gives you step-by-step setup examples and
links to Microsoft’s ISA site.
RASExpress RADIUS Setup Reference Guide. The guide also gives you step-by-step setup examples and
links to Microsoft’s ISA site.