Hi, I am currently setting up a new Pulse Secure Connect VPN and I would like to manage it with my RADIUS server. Here is what I did:
- Authentication > Authentication Servers > New > RADIUS Server
RADIUS Server : My IP Radius server
Authentication Port: 1812
Shared secret: ********
Accounting port : 1813
Then, on Administrators > Admin Realms > New
Name : Administraors by radius
Directory/Attribute: Same as above
Then, on Authentication > Signing In > Sign-in Policies
I added in "User picks from a list of authentication realms" --> MyRadius
What do you think? My RADIUS server is FreeRADIUS. Is my issue in FreeRADIUS? I have already modified my client.conf file.
From the description, I can see that you have created a RADIUS auth instance, an admin realm and a sign-in URL; however, no role mapping was created. Please add the desired admin role under Admin realm >> (realm.name) >> role mapping >> create a rule >> map a role >> save changes. You should be good.
Thanks for your answer. This is a summary and my log:
1) Create new server Radius with setting
Authentication Servers > Radius Server > New Server...
Auth Servers > MyRadius > Settings
Name : MyRadius
RADIUS Server : 10.60.78.248
Authentication Port : 1812
Shared Secret : ********
Accounting : 1813
Custom RADIUS Rules
Name : Rule Radius
If received Radius Response Packet...
Response Packet Type : Access Challenge
Attribute criteria :
Radius Attribute : Reply-Message (18)
Operand : matches the expression
Value : admin_radius
Then take action...
show user login page with error message
2) Create admin realms
Admin Realms > Administrator Authentication Realms > New...
Name : MyRadiusAdmin
Authentication : MyRadius
Directory/Attribute : Same as above
Accounting : MyRadius
--> Source IP
Allow users to sign in from any IP address
--> Administrator sign in ports
Internal Port is enabled.
Management Port is enabled.
--> When users meet these conditions
username is admin_radius
--> assign these roles
--> Rule Name
Other details :
My RADIUS Server is 10.60.78.248
Management Port is 10.60.78.200
Both are on the same network, but my Internal port is 10.50.58.1 and my External port is 10.70.48.1
My log for User Access :
Radius Server MyRadius : Login failed for admin_radius because host 10.60.78.248:1812 is unreachable.
I have a question: my RADIUS server must communicate through the Internal port (10.50.58.1) and not the Management port, because I have not opened my firewall from the RADIUS server (10.60.78.248).
The Auth control option can be found under the Authentication Servers page. You can set it at either the Global or the auth server level.
After making the above changes, you will be presented with the port selection option. The Auth control feature was introduced in the 9.0R3 code and will be present in 9.0R3 and higher.
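Added example, not part of the thread: a FreeRADIUS `clients.conf` sketch for the addressing described above. FreeRADIUS ignores requests from source addresses that are not defined as clients, so the entry has to match whichever appliance port the requests leave from; the client names, shortnames and secret placeholder are assumptions.

```conf
# clients.conf -- constructed example using the addresses quoted in the thread.
# The secret must be identical to the "Shared secret" configured on the appliance.

# Requests sourced from the appliance's Internal port.
client pulse_internal {
    ipaddr    = 10.50.58.1
    proto     = udp
    secret    = REPLACE_WITH_SHARED_SECRET
    shortname = pulse-internal
}

# Requests sourced from the Management port, if that port is selected
# for authentication traffic instead.
client pulse_mgmt {
    ipaddr    = 10.60.78.200
    proto     = udp
    secret    = REPLACE_WITH_SHARED_SECRET
    shortname = pulse-mgmt
}
```

Any firewall between the two also has to allow UDP 1812 and 1813 from the chosen source address to 10.60.78.248. Running the server in debug mode (`freeradius -X` or `radiusd -X`) shows whether a request arrives and from which address.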