From the point of view of the DualShield authentication server, the DualShield RADIUS server is treated as an Authentication Agent. Therefore, in order to install a DualShield RADIUS server, we need to first enable the Agent Registration option.
For an authentication agent to be able to connect to the DualShield authentication server, the agent must be registered in the DualShield authentication server.
For security purposes, the agent registration function is disabled by default. You need to enable the Agent Auto Registration function in your DualShield authentication server.
From the management console, navigate to "Authentication | Agents", then click
A new window will now open titled "Auto Registration", ensure the "Enabled" option is selected, then click ;
Tick the "Enabled" option first, then fill in the Starts and Expires date.
You may want to enable the "Check IP" option for extra security. If this option is enabled, then in the "IP Addresses" field you must enter the IP address of the machine where the authentication agent is being installed.
Click on the button, and Auto-Registration will now take place during the installation of the RADIUS server.
Install RADIUS Server
Like the DualShield server itself, the DualShield RADIUS server is typically installed on a Windows server. However, if desired then the DualShield RADIUS server can also be installed on a Linux server.
To install the DualShield Radius Server, launch the installer DualRadiusSetup.exe and go through the following steps:
If you have installed a DualShield RADIUS server on the same machine where a DualShield authentication server is installed, then the IP address of the RADIUS server would be registered as 127.0.0.1, the local loopback IP address.
If this is the only RADIUS server that you will have in your DualShield platform, then it is OK to use the local loopback IP address.
However, if you will have more than one RADIUS servers in your DualShield platform, then you must change the IP address of the RADIUS server to the network IP address.
To change the IP address of an authentication agent, first find the agent then open the context menu of the agent.
Select "Edit" from the contexst menu
Change the "Agent IP Address"
Click "Save"
Quick Test
To check if a RADIUS server is operating and connected to the authentication server, the quickest method is to use the Synchronize function.
Find the RADIUS server, open the context menu of the RADIUS server
select "Synchronise"
If there is no error message displayed on the screen, then it means that the connection between the RADIUS server and the authentication server is OK and the RADIUS server is operating. Otherwise, you will get the error message below: