You can configure NetScaler Gateway to authenticate user access with one or more RADIUS servers. If you are using RSA SecurID, SafeWord, or HID ActivID products, each of these is configured by using a RADIUS server.
Your configuration might require using a network access server IP address (NAS IP) or a network access server identifier (NAS ID). When configuring NetScaler Gateway to use a RADIUS authentication server, use the following guidelines:
- If you enable use of the NAS IP, the appliance sends its configured IP address to the RADIUS server, rather than the source IP address used in establishing the RADIUS connection.
- If you configure the NAS ID, the appliance sends the identifier to the RADIUS server. If you do not configure the NAS ID, the appliance sends its host name to the RADIUS server.
- When you enable the NAS IP, the appliance ignores any NAS ID that is configured using the NAS IP to communicate with the RADIUS server.
To configure RADIUS authentication:
- In the configuration utility, on the Configuration tab, expand .
- Click RADIUS, and then in the details pane, on the Policies tab, click Add .
- In the Create Authentication Policy dialog box, in Name, type a name for the policy.
- In Name, type a name for the policy.
- Next to Server, click New.
- In the Create Authentication Policy dialog box, in Name, type a name for the server.
- Under Server, in IP Address, type the IP address of the RADIUS server.
- In Port, type the port. The default is 1812.
- Under Details, in Secret Key and Confirm Secret Key, type the RADIUS server secret.
- In NAS ID, type the identifier number and then click Create.
- In the Create Authentication Policy dialog box, next to Named Expressions, select the expression, click Add Expression, click Create and then click Close.