Authenticating Application Traffic
Setting
Description
Default Value
Name
Specifies a unique name for the configuration object. This setting is required.
No default value
Type
Specifies the type of authentication module you want to implement. You must set this value to RADIUS.
No default value
RADIUS Servers
Lists the IP addresses of the RADUIS servers that the BIG-IP system will use to obtain authentication data.
No default value
Note that for each server listed, you must create a corresponding RADIUS server definition. A RADIUS server definition specifies the server name, port number, RADIUS secret, and timeout value. For more information, see Table 10.3. Client ID
Sends a NAS-Identifier RADIUS attribute with string bar. If you do not specify a value for the Client ID setting, the PAM service type is used instead. This feature can be disabled by specifying a blank client ID.
No default value
Debug Logging
Enables SYSLOG debugging information at LOG_DEBUG level. We do not recommend this for normal use.
Disable
Accounting Bug
Disables validation of the accounting response vector. This option should only be necessary on older servers.
Disable
Retries
Specifies the number of authentication retries that the BIG-IP system allows before authentication fails.
3
Table 10.4 Settings of a RADIUS configuration object
To create a RADIUS configuration object 1. On the Main tab, expand Local Traffic, and click Profiles. The Profiles screen opens. 2. From the Authentication menu, choose Configurations. 3. In the upper right corner of the screen, click Create. This displays the New Configuration screen. 4. For the Name setting, specify a unique name for the configuration object, such as my_radius_config. 5. For the Type setting, select RADIUS. The screen expands to show several settings. 6. Modify or retain values for all settings shown. (To configure advanced settings, locate the Configuration heading and select Advanced.) 7. Click Finished.
Configuration Guide for BIG-IP速 Local Traffic Management
10 - 11