RADIUS Settings - NCOS-How-to-Setup-Hotspot-Services-Captive-Portal/RADIUS-Settings

Setting up Hotspot Services and Captive Portal
NetCloud Feature
Networking > Wireless LAN
ft:locale
en-US
ft:sourceName
Paligo_Prod

Use the following as a reference for the RADIUS settings. If you load a profile from a third-party RADIUS/UAM provider, most of the settings are automatically filled out for you.

  • Server Address 1 – Assigned by RADIUS service.

  • Server Address 2 – This is an optional backup server.

  • Authentication Port – The standard port number, 1812, will usually be sufficient.

  • Accounting Port – The standard port number, 1813, will usually be sufficient.

  • Framed-IP-Address (Attribute 8): Use this to specify IP addresses assigned to user sessions. After a user authenticates, the RADIUS server can include this attribute in its Access-Accept message to inform the network access server which IP address to allocate to the user.

  • Server Timeout – Amount of time before the RADIUS server times out while attempting to respond to a request.

  • Server Retries – The number of unsuccessful attempts that RADIUS clients can make when attempting to contact their RADIUS server.

  • Shared Secret – Assigned by RADIUS service.

  • Redirection On Successful Authentication – Choose from the drop-down list of options for redirection:

    • To the UAM Server

    • To the URL that the user intends to visit

    • To the following URL (add the URL of your choice)

  • Session Timeout – (Default: 60 minutes) The amount of time the user may use the router before being forced to authenticate again. This value can be overwritten by the RADIUS server.

  • Idle Timeout – (Default: 15 minutes) If the user is idle for this amount of time, make them reauthenticate.

  • Bandwidth (upload) – (Default: 512 Kbits/sec) The data-rate limit for users uploading data through the hotspot.

  • Bandwidth (download) – (Default: 1024 Kbits/sec) The data-rate limit for users downloading data through the hotspot.

  • MAC Authentication – (Default: Disabled) Enables MAC authentication. MAC authentication can be used only when a hotspot is configured in RADIUS mode. See MAC Authentication for more information.

  • MAC Authentication Password Encryption – (Default: Enabled) Encrypts the shared secret before MAC authentication sends as part of the query to the RADIUS server to determine if a client device has already authenticated. This setting can be used only when MAC authentication is enabled.