Versions Compared

Old Version 3

changes.mady.by.user Paul Ruvin

Saved on

compared with

New Version Current

changes.mady.by.user Paul Ruvin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Register DualShield RADIUS Server

  1. Log in to the WebAdmin interface of Sophos XG
  2. Under "Configure" Select "Authentication" from the menu on the left

  3. Select “Servers” Tab




4. Click "Add"

Image RemovedImage Added

5. Server Type: Configure as follows:

OptionValue
Server Name:Radius server

...

Server Name:

...

Friendly name
Server IP:

...

Radius Server

...

IP

...

Authentication Port:1812

...

Time-out:30

...

Accounting port: 1813

...

Shared Secret:This must match the one you specified under DualShield configuration

...

Domain name:Enter

...

your domain name

...

Group name attribute:memberof


14Click 6. Click "Test server settings"
Image Removed
Enter a test Username and Password

Now, click “Authenticate example user”

Image Removed

Enable Auto User creation for the RADIUS users

  • Select “Definitions & Users -> Authentication Servers”
  • Select “Global Settings” Tab
  • Enable “Create users automatically”
  • Click Apply.
  • Choose “End-User Portal” and “SSL VPN”
    • Click Apply
    Image Removed

    Allow RADIUS user to access the End-User Portal

    In order to get their SSL VPN client and configuration, users have to initially log in to the End User portal. Make sure that RADIUS authenticated users are allowed to log in.

  • Select “Management -> User Portal”
    • Add the “Radius Users” group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left. 
    Image Removed

    Allow RADIUS users to use the SSL VPN client

  • Select Remote Access -> SSL
    • Add the "Radius Users" group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left.
    Image Removed

    Allow RADIUS users to use the HTML5 VPN portal

  • Select Remote Access -> HTML5 VPN Portal
    • Add the "Radius Users" group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left.
    Image Removed

    connection" and if successful click "Save"

    7. Click on the "Services" tab

    Image Added

    Image Added

    8. Enable and Apply the DualShield Radius server under User Portal and VPN and SSL VPN  authentication methods 

    9.  For SSL VPN, please make sure the option "Set authentication method for SSL VPN" is enabled.

    10.  Once the user authenticates a user account is created on Sophos XG itself.  You can view them under the "Users" tab.

    Image Added

    11.  Once created you need to add a Name and Email for the user and set the Policies