Manualshelf

User's Manual Part 1

ManualsBrandsGemtek Technology ManualsElectronics54 Mb Hotspot-in-a-Box
61626364656667686970
User’s Guide Chapter 7 – Reference Manual
Figure 71 – Add New RADIUS Server
Name – specify the new RADIUS server name.
Default – check the check box to make the selected RADIUS the default server.
Authentication IP – authentication RADIUS server IP address [dots and digits].
Authentication Port – specify the network port used to communicate with RADIUS [1-65535].
The port default value of 1812 is based on RFC 2138 "Remote Authentication Dial-
in User Service (RADIUS)".
Authentication Secret – shared secret string that is used to encrypt data frames used for
authentication server.
Accounting IP – accounting RADIUS server IP address [dots and digits].
Accounting Port – specify the network port used to communicate with RADIUS [1-65535].
Accounting Secret – shared secret string that is used to encrypt data frames used for accounting
server.
Backup IP – backup RADIUS server IP address [dots and digits].
Backup Port – specify the network port used to communicate with RADIUS [1-65535].
Backup Secret – shared secret string that is used to encrypt data frames used for backup server.
Shared secret must be the same on RADIUS server and RADIUS client.
Reverse Accounting – [enabled/disabled]. The RADIUS accounting request contains Acc-Input-
Octets and Acc-Output-Octets attributes. The interpretation of these attributes according the
RFC2866 is relative to the point of view. If this point is at the AC - Acct-Input* attributes should contain
the bytes/packets received at AC port from the client and Acct-Output* attributes should contain
bytes/packets sent from AC port to the client. If we move this point to the client - we will get the
reversing of Acct-Input* and Acct-Output* attributes values. The Acct-Input* then should contain
bytes/packets received from AC, what is bytes/packets that AC sent to the user in AC point of view
and what was Acct-Output*.
The AC implementation of RADIUS accounting request is at the client point of view
(reverse accounting is disabled).
The value "disabled" means that Acct-Input* RADIUS attributes will contain bytes/packets sent to
the client and Acct-Output* RADIUS attributes will contain bytes/packets received from the client
during the curse of service being provided.
The value "enabled" means that info in the Acct-Input* and Acct-Output* RADIUS attributes will be
swapped (reversed). That is the Acct-Input* will contain bytes/packets received from the client and the
Acct-Output* will contain bytes/packets sent to the client.
Strip WISP – [enabled/disabled] select ‘enabled' if you want to strip WISP domain name before
sending it to the RADIUS server. Stripping means removing everything before the “/” character
including character itself for such user name login format like: “WISPdomain/username”.
Select “disabled” if you need to send the user login name to RADIUS server unmodified. Some
RADIUS servers can be configured in such way that requires full-unmodified user name to be sent.
UAM authentication method – select authentication method from drop-down menu:
PAP – Password Authentication Protocol
CHAP – Challenge Handshake Authentication Protocol
MSCHAP1 – Microsoft Challenge Handshake Authentication Protocol version 1
MSCHAP2 – Microsoft Challenge Handshake Authentication Protocol version 2
Gemtek Systems Page 66