[NEBULA] How to configure sign-in method with My RADIUS server?
Master Member
Where to find:
Access point > Configure > Authentication > Network Access >
Sign-in method
Function
description:
Use the existing database to let the stations pass authentication. AP will
block network traffic until a client authenticates with an external RADIUS
server through the specifically designated web portal page.
Scenario:
We have our own RADIUS server, and it will be combined with the AP
authentication. All our employees must pass the RADIUS authentication to access
the internet
Configuration:
1. Go to Access point > Configure > SSID overview, and configure the SSID
name.
2. Go to Access point > Configure > Authentication. Choose the SSID and configure the settings.
Confirm the SSID name is correct
Choose the Sign-in method as Sign-on with My RADIUS server and add the RADIUS server detail.
3. (Optional) If there is a RADIUS accounting server in the environment, we also can add it here.
4. (Optional) Access point > Configure > Authentication > Walled garden. When choosing Sign-on with My RADIUS server, the wall garden will be enabled as well. We can add the website that the customer can access without passing the authentication. If we want to promote some website as our hotel website or our co-operator website, we can configure here. It will be listed in the whitelist.*1
5. (Optional) Access point > Configure > Authentication > Captive portal access attribute. We can have more setting in Captive portal access attribute.
Login on multiple client devices: this can restrict the login devices at a time. It could be one device or multiple devices.
Strict Policy: Allow HTTPs traffic without sign-on or not.
Reauth time: The agreement page will pop out again when the lease time is expired. We can choose the follow site-wide setting*2 or assign a definite time for it.
6. (Optional) Access point > Configure > Captive portal. We can captive portal content here.
Confirmation
Login page and successful page on the station
Log
Note.
1. About the Walled garden, One IP address/domain in one line to specify your walled garden. Example: *.zyxel.com, www.zyxel.com, 192.168.1.0/24
2. Site-wide reauthentication time: Site-wide > Configure > General settings > Captive portal reauthentication > For click-to-continue users.
3. The AP must be added in trust list in the RADIUS server.
Categories
- 7.8K All Categories
- 1.6K Nebula
- 53 Nebula Ideas
- 53 Nebula Status and Incidents
- 4.3K Security
- 215 Security Ideas
- 906 Switch
- 40 Switch Ideas
- 803 WirelessLAN
- 15 WLAN Ideas
- 5K Consumer Product
- 131 Service & License
- 260 News and Release
- 49 Security Advisories
- 6 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- Documents
- 34 Nebula Monthly Express
- 67 About Community
- 40 Security Highlight