9.64.2.2 Radius Client Agent Configuration
You open the Radius Client agent configuration dialog from a workflow configuration by either right-clicking the agent icon and selecting Configuration..., or double-clicking the agent icon.
Radius Servers Tab
The Radius Client agent configuration dialog - Radius Servers tab
The Radius Servers tab enables you to configure an IP address and a secret key for every RADIUS server that the agent communicates with.
Item | Description |
---|---|
Host Address | The IP address or hostname of the RADIUS server. |
Secret Key | The shared secret key is used to sign RADIUS transactions between the server and its client, as well as to encrypt user-password attributes. |
Throughput Threshold | If throttling has been enabled for the host, this field will show the configured threshold for when requests (UDRs) should be throttled. Throttled UDRs will be routed back into the workflow. For example: 1.000 (which means a maximum of 1.000 requests/second will be forwarded). |
To Add a Server
In the configuration for the Radius Client agent, click on the Add button.
The Add Radius Server dialog opens.
The Add Radius Server dialog
Enter the IP address or hostname and secret key for the server in the Host Address and Secret Key fields.
If you want to enable throttling for the host, select the Enable Throttling check box, and then enter the maximum number of UDRs (requests) per second you want the agent to forward in the Throughput Threshold (UDR/s) field.
Note!
Ensure that you handle the throttled UDRs in your APL code in the workflow in order to not loose any UDRs.
- Click on the Add button and the server will be added in the table containing Radius Servers, and then click on the Close button to close the dialog when you are finished adding hosts.
Adding a server from the Workflow Instance view
If you are defining the radius server or multiple radius servers, you can define them per workflow instances using the Workflow Table tab in Workflow Properties. By using the Workflow Table tab to set the property Additional Servers to Default or Per Workflow.
You will need to follow a particular json format to define the servers. This format also applies when using External References.
[{"host":"<host>", "secret":"<password>", "maxTps":"<value>"}]
The Radius Client Additional Servers property with value - Workflow Instances
Miscellaneous Tab
The Radius Client agent configuration dialog - Miscellaneous tab
Setting | Description |
---|---|
Host | Enter either the IP address or the hostname through which the agent will bind with the Radius servers. Note! Since the Radius servers are configured to communicate with a specific host on this port, it is important that the workflow that includes the Radius agent is configured to execute on the associated EC/ECSA for that specific host, and not on a random one. Two Radius agents should not be configured to listen through the same port, on the same host. |
Source Port | Enter the local port through which the agent will bind with the Radius servers. |
Additional Ports | In case you want to use a range of ports, enter the number of consecutive ports in this field. For example, if you enter 2000 in the Source Port field and 10 in the Additional Ports field, the ports 2000-2010 will be used. |
Retry Count | This setting defines the maximum number of attempts to send. An attempt to send occurs if a response is not received within the Retry Interval time. If you set this to 0, no retries will be made. |
Retry Interval | Enter the time interval between repeated attempts to send. In the Retry Interval Time Unit setting you can decide whether you want to configure this interval in seconds or milliseconds. |
Timeout Resolution (ms) | The agent checks whether retries are to be sent with regular intervals. Enter the number of milliseconds you want to have between these checks in this field. |
Retry Interval Time Unit | Select in which unit it you want to configure the Retry Interval; Seconds or Milliseconds. Seconds is the default setting. |
Skip MD5 Calculation | Select to exclude the use of the MD5 hashing algorithm. Note! When the Skip MD5 Calculation check box is selected, the authenticator field in all the request messages turn 0 (zero). |
Identifier Calculation | Select this check box if you want an identifier to be calculated and appended to the requests automatically. This identifier will be used for correlating requests with answers. As the maximum number of pending requests to a specific port is 256, the identifier range will be 0-255. |
Error Handling | Select an Error Route to ensure that all rejected packets are routed into the workflow using this route. |