Setup RADIUS Proxy
Learn how to setup and install RADIUS Proxy as well as to test that it's working.
Before You Begin
- Enable RADIUS Proxy. This is Standard License feature. To learn about these features, see Standard License Tier Features for Oracle Identity Cloud Service.
- Install the latest Postman client.
- Download the Oracle Identity Cloud Service RADIUS Proxy Postman collection.
- Review these checkpoints. As you are setting up RADIUS Proxy, use the following checkpoints to verify that your configuration is correct at each step of the process.
- Check that the RADIUS Proxy and the RADIUS Proxy Client App are activated in Identity Cloud Service.
- Check the IP address of Database and port number of RADIUS Proxy are correctly configured in the RADIUS App.
- Check the RADIUS Agent is up and running.
- Check the proxy server is up and running.
- Check the database is up.
RADIUS Proxy Mapping
RADIUS Proxy and RADIUS Proxy Listener has a 1-1 mapping, for example for each RADIUS Proxy there is one RADIUS Proxy Listener. Multiple Oracle DB RADIUS clients can be mapped to one RADIUS Proxy, that is, a RADIUS Proxy has a 1-n mapping with Oracle DB RADIUS clients.
If an administrator configures multiple Oracle DB RADIUS clients, then that many Oracle Database RADIUS apps need to be created in Oracle Identity Cloud Service-one for each Oracle DB RADIUS client. For example, if an administrator has configured four Oracle DB RADIUS clients to one RADIUS Proxy, then in Oracle Identity Cloud Service there must be four Oracle Database RADIUS apps configured-one for each Oracle DB client.
Log Files and Configuration Information
Note the following file locations for log and configuration information.
Installer Logs | <RADIUS_PROXY_INSTALLER_LOCATION>/oracle_radius_proxy/_Oracle®\ Identity\ Cloud\ Service\ RADIUS\ Proxy_installation/Logs/ |
Radius Agent Logs | <RADIUS_PROXY_INSTALLER_LOCATION>/oracle_radius_proxy/radius_agent/logs/agent.log |
Radius Proxy logs | <RADIUS_PROXY_INSTALLER_LOCATION>/oracle_radius_proxy/radius_proxy/log/radius_proxy.log |
Radius Proxy Configuration | <RADIUS_PROXY_INSTALLER_LOCATION>/radius_proxy/conf/radius_proxy.conf |
Radius Agent Configuration | <RADIUS_PROXY_INSTALLER_LOCATION>/radius_agent/conf/radius_agent.conf |
Radius Client Configuration | <RADIUS_PROXY_INSTALLER_LOCATION>/radius_proxy/conf/radius_clients.conf |
Trouble Shooting
Learn about common problems that you might encounter when using RADIUS Proxy and learn how to solve them.
/sbin/service idcs_radiusd
is stopped
Use the following steps when you see that the status of /sbin/service idcs_radiusd
is stopped.
- Check the radius agent is running by uning the following Python command:
<RADIUS_PROXY_INSTALLER_LOCATION>/oracle_radius_proxy/radius_agent/scripts/src/radius_agent.py status
- If the status is running, check the agent logs at:
<RADIUS_PROXY_INSTALLER_LOCATION>/oracle_radius_proxy/radius_agent/logs/agent.log
If you see the below exception in the RADIUS Proxy logs (<RADIUS_PROXY_INSTALLER_LOCATION>/oracle_radius_proxy/radius_proxy/log/radius_proxy.log) file: Exception in thread "main" java.net.BindException: Cannot assign requested address at sun.nio.ch.Net.bind0(Native Method)
The solution is to make sure the host entry is correct in RADIUS Proxy listener.
RADIUS Proxy Known Issues
Learn about RADIUS Proxy known issues you might encounter.
Changes in the RADIUS Proxy Configuration
<RADIUS_PROXY_INSTALLER_LOCATION>/oracle_radius_proxy/radius_agent/scripts/src/radius_agent.py restart
.- Verify if the configuration is updated in:
<RADIUS_PROXY_INSTALLER_LOCATION>/radius_proxy/conf/radius_proxy.conf
or<RADIUS_PROXY_INSTALLER_LOCATION>/radius_proxy/conf/radius_clients.conf
. /sbin/service idcs_radiusd restart
.
Change an IP Address from CIDR Format
PATCH: {{HOST}}/admin/v1/Apps/{{appid}}
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations": [{
"op": "replace",
"path": "urn:ietf:params:scim:schemas:oracle:idcs:extension:radiusApp:App:clientIP",
"value": "10.34.0.0/16"
}]
}