SunScreen 3.1 Administration Guide

Configuring RADIUS Authentication

  1. Identify the RADIUS servers:

    # ssadm edit <Policy>> vars add prg=auth name=RADIUSServers 
    \VALUES={ host=radius_server_name }   \
    DESCRIPTION="RADIUS server name(s) or addresses to query"

  2. Add the node secret used by RADIUS protocol to secure traffic between the RADIUS client and server:

    # ssadm edit <Policy>> vars add sys=screen_name prg=auth  
    name=RADIUSNodeSecret VALUE="xxxxxxxx

    Where xxxxxxxx is the RADIUS Node Secret.

  3. Add a Rule to allow the SunScreen machine to communicate with the RADIUS servers:

    # ssadm edit <Policy>edit > add rule radius EFS_hostname 
    radius_server_name ALLOW
    edit > save
    # ssadm activate <Policy>