cancel
Showing results for 
Search instead for 
Did you mean: 

AD and Radius Authentication

z080236_
Contributor

AD and Radius Authentication

 VPN Login page was implemented with Radius Authentication , with radius server sending back Accept or Reject(by authenticating AD and OTP), let's take the time taken to do 1 authentication be T1.

However, in order to let users key in the 2nd field on OTP page, we split the password and OTP from a single field to two fields, this time SA 4500 authenticates the AD, then Radius. The time taken for 1 authentication T2 is much longer than T1.

How do I improve the performance for T2?

1 REPLY 1
zanyterp_
Respected Contributor

Re: AD and Radius Authentication

Is your AD connection via the AD/NT server instance or LDAP? If the former, please move to the latter and confirm login is much quicker. If you are using one of the very few (1-2) instances in which LDAP is not easily feasible, if you are currently doing group membership, can you switch to username for role mapping?