Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Radius Server request

dmhit1_
New Contributor
‎09-03-2008 12:33:AM
‎09-03-2008 12:33:AM

Radius Server request

Hi,

I'm using a Radius server to auth. ma users. This Radius uses a mySQL-database searching for username and passwords. This works fine.

Now the username will have the company name at the end. f.e. [email protected] or [email protected] (this is stored as user in the database) The user itself only types his name (judith or mirijam) and his password to the loginURL.

In the IVE this login-URLs always named like the companies (/ibm or /hp)

Now the question: is it possible to combine the username typed in by the user and the login URL from the sign-in policie to send this altogether as username to the Radius server?

thanks for your responses.

0 Kudos
5 REPLIES 5
Raheel_
Occasional Contributor
‎09-03-2008 11:04:AM
‎09-03-2008 11:04:AM

Re: Radius Server request

Having a specific sign in URL policy allows you to select different user realm which in turn allows you to select different auth server. However, I donÕt see where the RADIUS auth server configuration can specify realm. If this is possible, then you could define two RADIUS auth server configurations each to different realm. Maybe you specify realm on the RADIUS server itself. If this is the case, then you specify two RADIUS auth server configuration and specify two user realm point to each RADIUS auth server configuration and have each sign in URL select that particular user realm.

We do not have any way of customizing usernames sent to the radius authserver.

though you can prepend domain names to AD authserver user names, nothing for Radius though.

also It is possible in combination of SSL-VPN and IC thru custom sign-in page customization adding javascript to add the RADIUS realm name into login name onSubmit.

thanks

Raheel Anwar
Message Edited by Raheel on 09-03-2008 11:20 AM
0 Kudos
Jickfoo_
Super Contributor
‎09-03-2008 11:25:AM
‎09-03-2008 11:25:AM

Re: Radius Server request

There is a variable for LoginURL but no Login URI..

Maybe your Roles to the name of the companies. Then utilize the role variable in the radius field.

Set username to <user>@<role> .

Justin

0 Kudos
kenlars_
Super Contributor
‎09-03-2008 12:06:PM
‎09-03-2008 12:06:PM

Re: Radius Server request

You can use custom sign-in pages to append something to the username before sending it to the Radius server, and the realm is known to the LoginPage.thtml page. Assuming you have sign-in policies which direct the user to a single realm, you could concatenate the user ID and the first entry in the Realm array (since it nominally has multiple entries) and send this to your Radius. I have an example of a LoginPage.thtml page which concatenates a fixed domain to the username; you could probably modify this to do what you want to do.
0 Kudos
dmhit1_
New Contributor
‎09-04-2008 12:13:AM
‎09-04-2008 12:13:AM

Re: Radius Server request

Kenlars,

seems the easiest way for me to fix this thing. Can you please send me this example, or add it as attachement.

thanks a lot to all for your help

0 Kudos
kenlars_
Super Contributor
‎09-08-2008 07:06:AM
‎09-08-2008 07:06:AM

Re: Radius Server request

Sent you a private message with the LoginPage.thtml file I use last week. Did you get a change to try it?
0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.