beautypg.com

Radius relay – Amer Networks E5Web GUI User Manual

Page 560

background image

This optional IP address will be used as the sending IP of the request sent to the RADIUS
server. If not set, the IP address of the sending interface will be used. The sending interface is
determined by a route lookup of the RADIUS server's IP address.

Idle Timeout

After this amount of seconds without traffic from the authenticated user, the user will be
automatically logged out.

Session Timeout

This is the absolute allowed length of a authenticated used session in seconds. This is
normally set to zero, meaning a session of infinite length.

Use Timeouts Received from Authentication Server

If this property is enabled and the RADIUS server is correctly configured, the Idle Timeout and
Session Timeout properties will take values sent by the RADIUS server.

Example 8.7. Radius Relay

This example shows how to configure a Radius Relay object called r_relay1 which will listen for
authentication requests on the If1 interface and relay them to a RADIUS server with the address
radius_ip.

After successful authentication, IP address leases will be handed out by a DHCP server object
called rr_dhcp_server. It is assumed the UEs will be allocated addresses belonging to the network
192.168.10.10-192.168.10.255 that will be defined in an IPv4 address object called client_net.

After successful authentication, UEs will be granted access to all networks on the If2 interface
using an IP rule called client_access_rule.

Command-Line Interface

Create the IP4Address object that defines the range of client IP addresses for the UEs and assign it
the authentication group called ue_group:

Device:/> add Address IP4Address client_net

Address=192.168.10.10-192.168.10.255
UserAuthGroups=ue_group

Create the IP4Address object that defines the IP address pool for the DHCP server. This must be a
different object although it uses the same IP range:

Device:/> add Address IP4Address client_ip_range

Address=192.168.10.10-192.168.10.255

Create the DHCPServer object that hands out these addresses:

Device:/> add DHCPServer rr_dhcp_server

Interface=If1
IPAddressPool=client_ip_range
Netmask=255.255.255.0
LeasesRequireAuth=Yes

Create the IPRule object that grants access to the networks on the interface If2:

Chapter 8: User Authentication

560

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: