Shared secret

d Click OK.

You must enter the same accounting shared secret when you configure the RADIUS client.

8Optionally, indicate whether you want to enable keepalive processing and specify how long the server waits for RADIUS packets from the client before assuming connectivity has been lost.

If you click the Assume down if no keepalive packets after checkbox, you can enter a value in the (seconds) field. If the server does not receive any RADIUS packets from this client after the specified number of seconds, the server assumes that the connection to the client is lost or that the client device has failed. When this happens, RSA RADIUS Server gracefully closes any user it has authenticated for the client. RSA RADIUS Server adjusts the counts of concurrent user connections appropriately.

NOTE: If the value you enter in the (seconds) field is too low, valid user or tunnel connections can be lost. For example, during low usage periods, a RAS device might not send any RADIUS packets to the RSA RADIUS Server, even though the device is still functioning.

Verifying a Shared Secret

To verify a shared secret on the RSA RADIUS Server:

1Open the RADIUS Clients panel.

2Select the RADIUS client whose shared secret you want to verify and click the Edit button (or double-click the RADIUS client entry).

The Edit RADIUS Client window opens.

3Enter the shared secret you think is assigned to the RADIUS client in the

field.

4Click the Validate button.

If you entered the correct shared secret, the Validation Successful window opens. Click OK.

Deleting a RADIUS Client

To delete a RADIUS client:

1Open the RADIUS Clients panel.

48

Administering RADIUS Clients

September 2005

Page 60
Image 60
RSA Security 6.1 manual Verifying a Shared Secret, Deleting a Radius Client