Integrating RADIUS Server & Leveraging RADIUS Authentication
You can integrate Password Manager Pro and RADIUS server in your environment and also leverage the RADIUS authentication for user access bypassing the local authentication provided by PMP. This section explains the configurations involved in integrating RADIUS server with PMP.
Step 1 - Providing Basic Details about RADIUS Server
To configure RADIUS server in PMP, provide the following basic details about RADIUS server and credentials to establish connection:
- Go to "Admin" >> "Users" >> "RADIUS"
- In the UI that opens, click the button "Configure" on step 1
- In the UI that opens, provide the following details
- Server Name/IP Address - enter the host name or IP address of the host where RADIUS server is running
- Server Authentication Port - enter the port used for RADIUS server authentication. By default, RADIUS has been assigned the UDP port 1812 for RADIUS Authentication
- Server Protocol - select the protocol that is used to authenticate users. Choose from four protocols - Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Microsoft Challenge-Handshake Authentication Protocol (MSCHAP), Version 2 of Microsoft Challenge-Handshake Authentication Protocol (MSCHAP2)
- Authentication Retries - select the number of times you wish to retry authentication in the event of an authentication failure
- Server Secret - You have the option to enter the RADIUS server secret either manually in the text box or you can direct PMP to use the secret already stored in the product. In that case, you need to select the resource name and account name from the drop-down. The second option - storing the RADIUS password in PMP and selecting it from drop-down is the recommended approach.
- Click "Save"
Step 2 - Enable RADIUS Authentication
After configuring the RADIUS server, the next step is to leverage the RADIUS server's authentication mechanism. To enable RADIUS authentication, click the button "Enable" in step 2. Once you do this, users would be able to login with their RADIUS credentials.
Important Note: The users who will be accessing PMP using their RADIUS server credentials, will have to be added as users in PMP first. When you do so, you need to ensure that the "user name" in PMP is exactly the same as the username used for accessing the RADIUS server. Here, PMP does not store the password used for RADIUS authentication.