Radius Client Agent Configuration(4.0)
The configuration of the Radius Client agent consists of two tabs:
- Radius Servers
- Miscellaneous
Radius Servers Tab
The Radius Servers tab enables you to configure an IP address and a secret key for every RADIUS server that the agent communicates with.
Item | Description |
---|---|
Host Address | The IP address or hostname of the RADIUS server. |
Secret Key | The shared secret key is used to sign RADIUS transactions between the server and its client, as well as to encrypt user-password attributes. |
Throughput Threshold | If throttling has been enabled for the host, this field will show the configured threshold for when requests (UDRs) should be throttled. Throttled UDRs will be routed back into the workflow. For example: 1.000 (which means a maximum of 1.000 requests/second will be forwarded). |
To Add a Server
In the configuration for the Radius Client agent, click on the Add button. The Add Radius Server dialog opens.
Enter the IP address or hostname and secret key for the server in the Host Address and Secret Key fields.
If you want to enable throttling for the host, select the Enable Throttling check box, and then enter the maximum number of UDRs (requests) per second you want the agent to forward in the Throughput Threshold (UDR/s) field.
Note!
Ensure that you handle the throttled UDRs in your APL code in the workflow in order to not loose any UDRs.
4. Click on the Add button and the server will be added in the table containing Radius Servers, and then click on the Close button to close the dialog when you are finished adding hosts.
Miscellaneous Tab
Item | Description |
---|---|
Host | Enter either the IP address or the hostname through which the agent will bind with the Radius servers. Note! Since the Radius servers are configured to communicate with a specific host on this port, it is important that the workflow that includes the Radius agent is configured to execute on the associated EC for that specific host, and not on a random one. Two Radius agents should not be configured to listen through the same port, on the same host. |
Source Port | Enter the local port through which the agent will bind with the Radius servers. |
Additional Ports | In case you want to use a range of ports, enter the number of consecutive ports in this field. For example, if you enter 2000 in the Source Port field and 10 in the Additional Ports field, the ports 2000-2010 will be used. |
Retry Count | The maximum number of attempts to send. An attempt to send occurs if a response is not received within the Retry Interval time. |
Retry Interval | Enter the time interval, in seconds, between repeated attempts to send. |
Skip MD5 Calculation | Select to exclude the use of the MD5 hashing algorithm. Note! When the Skip MD5 Calculation check box is selected, the authenticator field in all the request messages turn 0 (zero). |
Identifier Calculation | Select this check box if you want an identifier to be calculated and appended to the requests automatically. This identifier will be used for correlating requests with answers. As the maximum number of pending requests to a specific port is 256, the identifier range will be 0-255. |
Error Handling | Select an Error Route to ensure that all rejected packets are routed into the workflow using this route. |
Note!
See Handling of UDP traffic for Radius to know how UDP traffic is handled for Radius Client Agent.