The Authentication Servers RADIUS Server Management Screen displays all RADIUS Servers known to OmniVista Cirrus. It also enables you to add, edit, and delete RADIUS Servers from the list of RADIUS Servers known to OmniVista Cirrus. A built-in RADIUS Client is available in the device. A RADIUS Server that supports Vendor Specific Attributes (VSAs) is required. VSAs carry specific authentication, authorization, and configuration details about RADIUS requests to and replies from the server. Refer to "Managing Authentication Servers" in your Network Configuration Guide for specific information on the VSAs required. Before you add a RADIUS Server to OmniVista's list of RADIUS Servers known to OmniVista, you must first install and configure the RADIUS Server.

  • You cannot add, modify, or delete users and user privileges from RADIUS Servers in OmniVista Cirrus.

  • RADIUS Server Management supports wireless devices; however certain attributes may not be supported on wireless devices. See the configuration fields below for more information.

  • If you change the Shared Secret of the UPAM Radius Server, you also must update Shared Secrecy of NAS Client on the NAS Clients screen (UPAM > NAS Clients).

Adding a RADIUS Server

After configuring a RADIUS Server, you must add it to the list of RADIUS Servers known to OmniVista Cirrus. To add a new RADIUS Server, navigate to the RADIUS Servers Management screen by clicking on Network Access> Unified Access > Auth Servers > RADIUS Servers under the “Configure” section of the OmniVista Cirrus Menu. The RADIUS Servers Management screen displays.

To add a new RADIUS Server, click on the Create Radius Server button and complete the fields as described below. When you are finished, click on Create Radius Server.

Basic Information

  • Server Name - Unique name for the RADIUS Server. This name will be used by OmniVista and the device to identify the Server.

  • Host Name/IP Address - The name of the computer where the server is located OR the IP address of the computer where the Server is located.

  • Backup Host Name/IP Address - Each RADIUS Server may optionally have a backup server. If you wish to define a backup server that will be used if this server is unavailable, enter the name of the computer where the backup server is located OR enter the IP address of the computer where the backup Server is located.

  • Shared Secret - The password to the RADIUS Server (maximum of 64 characters). The "Shared Secret" is essentially the server password. Note that the password you enter must be configured identically on the RADIUS Server. Also note that if you use a remote RADIUS Server with a Shared Secret greater than 16 characters, OmniVista only supports PAP and CHAP authentication.

  • Confirm Secret - Re-enter the Shared Secret.

Advanced Information

  • Retries - The number of retries that you want the device to attempt when trying to contact the RADIUS Server (Range = 1 - 3, Default = 3).

  • Timeout - The number of seconds that you want the device to wait before a request to the RADIUS Server is timed out (Range = 1 - 30, Default = 2).

  • Authentication Port - The port to access the Server (Range = 1 - 65535, Default = 1812).

  • Accounting Port - The port for accounting information (Range = 1 - 65535, Default = 1813).

  • Pre-emption - If Pre-emption is enabled, Access Point (AP) will switch back to primary RADIUS server at the end of Count-Down Timer. If Pre-emption is disabled, then AP will switch to use the primary RADIUS server only if the backup RADIUS server is timed out. By default Pre-emption is Enabled.

  • Count-down Timer - Enter the number of seconds for the AP to adhere with the Secondary server, before moving back to Primary (Default is 600 seconds).

Editing a Radius Server

Select a RADIUS Server in the list and click on the Edit icon. Edit any necessary fields as described above, then click on the Save button. It is important to note that you cannot modify values indiscriminately. The values must match those of the actual RADIUS Server. For example, if you want to change the RADIUS Authentication port, you must first use the tools provided by your RADIUS Server's vendor to change the port on the RADIUS Server itself. You can then inform OmniVista that the port number has changed by modifying the Authentication Port field.

View Additional RADIUS Server Information

Select the RADIUS Server in the list and click on the Additional Information icon to view additional information about the selected RADIUS Server.

Deleting a RADIUS Server

Select a RADIUS Server in the list and click on the Delete icon. Note that deleting an authentication server from the list of RADIUS Servers known to OmniVista Cirrus will not cause devices that currently use that RADIUS Server to cease using it. Devices using the deleted RADIUS Server will continue to use it until the devices are reassigned.