Using SMS with RADIUS Server
If no connect information is provided, connect information defaults to that specified for the default group (called “*” or “star”). This information can be specified at the SMS2000. If no bandwidth management is specified at the SMS2000, then users without
Using Real IP Addresses
Subscribers can use real Internet routable IP addresses when connected to the SMS2000 and authenticated via RADIUS. The easiest way to do this is to configure the default group with the static IP type in SMS, providing an optional DHCP pool of real IP addresses available via DHCP.
If only a few users are going to connect using static IP addresses which are not configured via DHCP, while the rest of your users will be NATed, use the
If the subscriber’s PC is configured with the given address, the SMS2000 passes traffic through directly to the subscriber once the subscriber is authenticated without using NAT. If the subscriber’s PC is configured for DHCP or is configured with the wrong IP address, the SMS2000 will NAT the subscriber as normal.
For example:
Postel Password = “Postel”
When Postel connects to the SMS2000, he will initially be
RADIUS Ports
The official assigned RADIUS ports are 1812 for authentication and 1813 for accounting. A typical /etc/services file shows the RADIUS ports this way:
radius | 1812/tcp |
| # radius | |
radius | 1812/udp |
| # radius | |
1813/tcp | radacct | # radius Accounting | ||
1813/udp | radacct | # radius Accounting |
SMS2.3.5 and earlier used ports 1645 and 1646. Any SMS that currently has a RADIUS server configured will retain ports 1645 and 1646 when upgrading to SMS2.3.6.
By default, any new RADIUS configuration with SMS2.3.6 will use ports 1812 and 1813, unless the systems administrator specifies another set of ports.
TUT Systems, Inc | Page 79 of 104 | P/N |