Targeting the RADIUS Authentication system
For each RADIUS Authentication system, add a target system in Bravura Security Fabric (Manage the System > Resources > Target systems):
Type is RADIUS Authentication .
Address uses options described in the table below
The address is entered as follows:
{[listOverride={action=copy;srcTargetId=<source target id>;script=<script name>;postHook=<hook name>;};]server=<server1[:port]>,<server2[:port]>,<server3[:port]>;[port=<port>;][realm=<security realm>;][timeout=<connection timeout>;]enabledefaultpwd=<true|false>;[defaultpwd=<password>;][attribs=<{key01=value01;key02=value02;}>;]ppphint=<true|false>;boguspkt=<true|false>;}Administrator ID and Password are the credentials for the RADIUS shared secret. The administrator ID should be specified with any value as it is not used for authentication. The password must be the RADIUS shared secret configured from the Radius Authentication server.
The full list of target parameters is explained in Target system options .
Option | Description |
|---|---|
Options marked with a | |
Server | The IP address/domain name of one or more authentication servers. Multiple servers may be specified in a comma separated list for failover authentication. Port numbers may also be optionally specified for each individual server in the format server:port. (key: server) |
Port | Port to connect to on the authentication server. This value is used when the port number is not specified for an individual server for the Server parameter. Default is 1812. (key: port) |
Security realm | RADIUS realm to use. (key: realm) |
Timeout for connection | Total amount of time the connector will wait for a response from the authentication server. The time is divided between three tries. (key: timeout) |
Skip password authentication? | Select to provide a default password for this target system. When an external factor (such as pressing OK on a mobile phone) is used, typically this is combined with password authentication through another target system to complete a two-factor Log in. (key: enabledefaultpwd) |
Placeholder password to use when skipping password authentication | The default password text. This is required when Skip password authentication? is checked. (key: defaultpwd) |
Additional RADIUS attributes | This value must be in the format {key01=value01;key02=value02;} for any number of key=value pairs. The key must be from the list in radius_access (which is a subset from http://freeradius.org/rfc/attributes.html) and the values must match the specification for that key. (key: attribs) |
Send PPP Hint? | Select if the connection uses a link framing protocol like Point-to-Point protocol. (key: ppphint) |
Send additional bogus packet? | Select to send a malformed packet along with a valid one. (key: boguspkt) |
List Override | Provides the ability to override the default agent’s list operation functionality. Requires version 12.x or greater. (key: listOverride) |
