Register DualShield RADIUS Server
- Log in to the WebAdmin interface of Sophos XG
- Under "Configure" Select "Authentication" from the menu on the left
Select “Servers” Tab
4. Click "Add"
5. Configure as follows:
Option | Value |
---|---|
Server Name: | Radius server |
Server Name: | Friendly name |
Server IP: | Radius Server IP |
Authentication Port: | 1812 |
Time-out: | 30 |
Accounting port: | 1813 |
Shared Secret: | This must match the one you specified under DualShield configuration |
Domain name: | Enter your domain name |
Group name attribute: | memberof |
6. Click "Test connection" and if successful click "Save"
7. Click on the "Services
Enter a test Username and Password
Now, click “Authenticate example user”
Enable Auto User creation for the RADIUS users
- Select “Definitions & Users -> Authentication Servers”
- Select “Global Settings” Tab
- Enable “Create users automatically”
- Click Apply.
- Choose “End-User Portal” and “SSL VPN”
- Click Apply
Allow RADIUS user to access the End-User Portal
In order to get their SSL VPN client and configuration, users have to initially log in to the End User portal. Make sure that RADIUS authenticated users are allowed to log in.
- Select “Management -> User Portal”
- Add the “Radius Users” group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left.
Allow RADIUS users to use the SSL VPN client
- Select Remote Access -> SSL
- Add the "Radius Users" group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left.
Allow RADIUS users to use the HTML5 VPN portal
- Select Remote Access -> HTML5 VPN Portal
- Add the "Radius Users" group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left.