Shared Secrets, Radius | RSA Security 6.1 specs

XThe RADIUS shared secret to be used by the RSA RADIUS Server and the client device. For information on RADIUS shared secrets, see “Shared Secrets” on page 6.

XThe UDP ports on which to send and receive RADIUS authentication and accounting packets. RSA RADIUS Server uses UDP ports 1645 and 1812 for authentication and UDP ports 1646 and 1813 for accounting. For more information, see “RADIUS Ports” on page 8.

Shared Secrets

A shared secret is a text string that serves as a password between hosts.

RSA RADIUS Server uses three types of shared secrets:

XRADIUS secret – Used to authenticate communication between a RADIUS server and a RADIUS client

XReplication secret – Used to authenticate communication between a primary RADIUS server and a replica RADIUS server

XNode secret – Used to authenticate communication between a RADIUS server and an RSA Authentication Manager server.

Access

Point

Remote Access

Replication

Secret

RADIUS

Secret

Replica

RADIUS

Server

Node Secret

Server (RAS)

Primary

RSA

Authentication

Manager Server

802.1X-Compatible

Switch

Virtual Private

Network

Replication

Secret

RADIUS Server

Replica

RADIUS

Server

Figure 2 Shared Secrets

6

About RSA RADIUS Server

September 2005

Image 18

RSA Security 6.1 manual Shared Secrets, Radius

Contents

RSA Radius Server 6.1 Administrator’s Guide Contact Information Trademarks Distribution Contents Chapter Installing the RSA Radius Server Chapter Administering Profiles Glossary Index About This Guide AudienceWhat’s In This Manual Syntax Conventions Vendor Information Related DocumentationRSA Radius Server Documentation Requests for Comments RFCs Getting Support and Service Third-Party ProductsBefore You Call for Customer Support RSA Radius Server Features About RSA Radius Server RSA Radius Server Overview About RSA Radius Server September RSA Radius Authentication Radius Packets Radius Configuration Radius Server ConfigurationRadius Client Configuration Shared Secrets Radius Radius Secret Replication SecretNode Secret Authentication Radius Ports Accounting Accounting Sequence Comma-Delimited Log Files Tunneled Accounting Vendor-Specific Attributes AttributesDictionaries Make/Model Field Checklist Attributes Attribute ListsUpdating Attribute Information Attribute Values Return List AttributesMulti-Valued Attributes System Assigned Values Default ValuesOrderable Attributes Echo Property Centralized Configuration Management Replacing a Replica Radius Server Designating a New Primary Radius Server Recovering a Replica After a Failed Download Changing the Name or IP Address of a Server Required Files Installing the RSA Radius ServerBefore You Begin Data Migration/Registration Installing on Windows System Requirements Installing the RSA Radius Server If you are installing a Replica RSA Radius Server, click Uninstalling the RSA Radius Server Software Installing on Solaris Installer Syntax Path Installing the RSA Radius Server Software Reppkg Enter RSA administration port Stopping and Starting the Radius Daemon Migration Log File Installing on Linux Linux Server System Requirements Should be overwritten Installing the RSA Radius Server Software Enter RSA administration port Etc/init.d/sbrd stop # ./uninstallrsa.sh Using RSA Radius Administrator Running RSA Radius Administrator Navigating in RSA Radius Administrator RSA Radius Administrator MenusFile Menu See , Administering Radius Clients on Panel Menu RSA Radius Administrator Toolbar Web MenuHelp Menu RSA Radius Administrator Windows Adding an Entry Editing an Entry Sample Add Window Cutting/Copying/Pasting Records Sample Edit Window Changing Column Sequence Using Context MenusResizing Columns Sorting Information Accessing Online Help Displaying Version InformationAdding a License Key Exiting the RSA Radius Administrator Add a License for Server Window Administering Radius Clients Radius Clients Panel Adding a Radius Client Add Radius Client Window Secret to display the characters in the shared secret Verifying a Shared Secret Deleting a Radius ClientPage Administering Radius Clients September Administering Profiles Adding a Checklist or Return List Attribute for a ProfileAbout Profiles Default Profile Resolving Profile and User Attributes Setting Up Profiles Adding a Profile Click Add to add this attribute/value pair to the list Removing a Profile Administering Profiles September Displaying Server Authentication Statistics Displaying Statistics Statistics Panel System Authentication Statistics Radius client is sending incorrectly formed packets to Displaying Server Accounting Statistics Statistics Panel System Accounting Statistics Accounting Statistic Meaning Resetting Server Statistics Displaying Radius Client Statistics Optionally, sort the messages by clicking a column header Displaying Statistics September Administering Radius Servers Replication Panel Adding a Radius Server Manually Add Server Window Enabling a Radius Server Deleting a Radius Server Publishing Server Configuration Information Notifying Replica Radius Servers Recovering a Replica After a Failed Download Designating a New Primary Radius Server Changing the Name or IP Address of a Server Regenerating a Node Secret Resetting the Radius Database Administering Radius Servers September Using the Radius System Log LoggingLogging Files Level of Logging Detail Controlling Log File Size Using the Accounting Log Accounting Log File Format First Line Headings Comma Placeholders Standard Radius Accounting Attributes Acct-Status-Type Acct-Input-Packets Ldap Configuration Interface File P e n d i x a About the Ldap Configuration Interface Ldap Utilities Ldap Requests Downloading the Ldap Utilities Configuring the Ldap TCP Port Ldap Version Compliance Ldap Virtual Schema Available Attributes Ldap Schema Slide 2 Ldap Schema Slide 3 Cn=username,o=radius -w passcode cachedPW Unspecified or 0.0.0.0 RAS IP address When you display Ldap Command Examples Searching for Records Modifying Records Ldapmodify Option Meaning Where Adding Records Deleting Records Statistics Variables Counter StatisticsStattype server Stattype authentication Stattype accounting Rate Statistics Using the Ldap Configuration Interface September Glossary AAA DNS Tokencode Radius Servers TLS 104 Glossary September Index Tokencode