RADIUS server

Remote Authentication Dial In User Service is a protocol that allows network devices such as routers to authenticate users against a database. Passwords are encrypted using the RADIUS secret. Authorization to access a service is granted when a request matches a group of attributes such as the IP address of the requesting client. Authentication and authorization data are stored in user profiles. RADIUS also supports accounting, which is commonly used for billing and statistical purposes.

General settings

Server IP
IP address of the server.
Authentication port
Port to use for authentication. The default value is 1812.
Enable accounting
Enable accounting on the RADIUS server.

The firewall sends accounting start request and time to the server when the user logs on, and accounting stop request and time when the user logs off. Supported client types: Windows client, HTTP client, Linux client, Android, iOS, iOS HTTP client, Android HTTP client, API client.

Note The accounting stop message is not sent to the server when the firewall shuts down or reboots.
Accounting port
Port number to use for sending accounting information from the firewall to the RADIUS server. The default value is 1813.
Shared secret
Text string that serves as the password between the client and the server.
Group name attribute
Alias for the configured group name which is displayed to the user.
NAS-identifier
String identifying the NAS originating the access request, for example, an FQDN.
NAS-port-type
Type of the physical port of the NAS which is authenticating the user.