RAD-Series RADIUS Server Product Support
RAD-Series RADIUS Server Frequently Asked Questions
Frequently Asked Questions (FAQ's) are arranged by topic.
If you do not find the answer to your question(s) here,
please go to the Contact
Support page and complete the form.
RADIUS Server Functionality:
| |
|
2. Does the RADIUS Server
support roaming?
Yes, roaming is implemented through the server's
extensive support of realms and RADIUS proxying. More
complex roaming relationships based upon Dialed Number
(DNIS) and other attributes can be easily defined using
the RAD-P Advanced Policy Engine. |
| |
|
3. Can the RADIUS Server
be used behind a firewall?
Yes, the firewall must not be configured to filter out
communication on the RADIUS protocol UDP ports. By
default the RAD-Series Server communicates on the RFC
standard UDP ports 1812 and 1813 |
| |
|
4. Are there any RADIUS client programs
that aid in testing?
Yes, in the RAD-Series Server package there are two
RADIUS client programs, radcheck and radpwtst. The
former is used to test the status of a server and the
latter for testing user authentication, authorization
and accounting. |
| |
|
5. Does the RADIUS Server
support wireless applications?
Yes, the RAD-Series Server supports both MD5 and Cisco
LEAP authentication over Extensible Authentication
Protocol (EAP) |
| |
|
6. Does the RADIUS Server
support Oracle databases?
Yes, the RAD-Series Server includes an Oracle database
interface capable of load balancing and fail-over with
up to four Oracle databases for high performance mission
critical systems |
| |
|
7. Can the RADIUS Server be
used to manage IP Address Pools?
Yes, the RAD-Series Server includes the Address Resource
Manager (ARM). The ARM centrally manages multiple named
pools of IP addresses. Together with RAD-Series RADIUS
Server Advanced Policy Engine, IP addresses can be
allocated from various address pools on the basis of any
desired criteria involving RADIUS attributes |
| |
|
8. Does the RADIUS Server
support tokencard authentication?
Yes, the RAD-Series Server supports RSA's SecurID
tokencard and ACE Server |
| |
|
9. Does the RADIUS Server
have an Application Programming Interface (API)?
Yes, custom plug-in modules can be easily developed using
Interlink Network's Software Developer's Kit (SDK), a C
language RADIUS Server API, development environment, and
documentation kit. With the RAD-Series Server's flexible
architecture, plug-in modules can be inserted virtually
anywhere in the authentication or accounting process to
do specialized request processing, proprietary
authentication, or custom logging. |
| |
|
10. Can static IP addresses be assigned
using 802.1x?
The IEEE 802.1x standard does not provide a mechanism
for IP address assignment. Therefore, configuration of
the Framed-IP-Address and Framed-IP-Netmask attributes as
Reply-Items in a user’s profile will have no effect.
Either a DHCP server should be used, or the station should
be configured with a static IP address. |
| |
|
11. What hash functions are supported
for storing user passwords?
The RAD-Series Server supports PAP authentication when
passwords are stored with any of the following hash
functions:
-
crypt
-
md5
-
sha
-
ssha
-
lmhash
-
x-nthash
The passwords must be stored with the hash function prefix,
{hash-function} as specified in RFC 2307. If an
unsupported hash function is used to store passwords in
LDAP, then the server can authenticate by binding.
This is configured as
Authenticate Bind
in the PROLDAP configuration for the realm.
The RAD-Series Server Manager supports all of the above
hash functions for hashing and storing of user passwords
in a local flat file. |
| |
|
| |
If you do not find the answer to your question(s) here,
please go to the Contact
Support page and complete the form.
|
