Radius Server Agent Configuration

Owned by Yeok Hong Ng
Last updated: May 14, 2024 by Jenni Wallin
3 min read

You open the Radius Server agent configuration dialog from a workflow configuration. To open the Radius Server agent configuration, click  Build → New Configuration. Select Workflow from the Configurations dialog. When prompted to Select workflow type, select Realtime. Click Add agent and select Radius Server from the Collection tab in the Agent Selection dialog.

NAS Tab

The list on the NAS tab can be dynamically updated.

Radius_server-NAS.png
The Radius Server agent configuration dialog - NAS tab

In the NAS tab, all NASes that the agent collects information from, are specified.

Setting

Description

Setting

Description

Host Address

The IP address or hostname that the NAS sending packets is located on.

Secret Key

Key used for authentication of a received packet. This key must be identical to the one defined in the NAS.

You can define the NAS per workflow by setting the property Additional Hosts in the Workflow Table tab in Workflow Properties to Default or Per Workflow.

When defining the servers, you need to follow the following json format:

[{"host":"<host>", "secret":"<encrypted password>"}]

This format also applies when using External References.

radiusserver-wfinstance.png
The Radius Server Additional Hosts property with value - Workflows

Miscellaneous Tab

 

Setting

Description

Setting

Description

Port

The port number on which the Radius Server agent will listen for packets from the NAS(es).

Note!

Since the NASes are configured to communicate with a specific host on this port, the workflow containing the Radius Server agent must be configured to execute on the EC associated with that host.

Two Radius agents cannot be configured to listen to the same port, on the same host.

PDU Lifetime (millisec)

If you set a value larger than 0 (zero) in this field, the Duplicate Check setting is activated. The buffer saved for comparison is the packets collected during the set time frame.

Skip MD5 Calculation

Select this checkbox to exclude the check for MD5 signatures. This is needed when the Radius client does not send MD5 signatures along with the packets, since a check would then result in the packets being discarded by the Radius Server agent.

Note!

When Skip MD5 Calculation is selected, the authenticator field in all response messages will be 0 (zero).

Duplicate Check

You can check for duplicate packets based on:

  • Radius Standard - the identifier within the packet (byte number 2).

  • CRC32 - check sum for the complete packet.

When a duplicate is detected, it is silently thrown away (no message is logged) and the Radius agent responds as if a normal packet was received.

Error Handling

Select an Error Route to ensure that all rejected packets are routed into the workflow using this route. This is optional.

Â