Version Affected: RADIUS 20.12.07
Description:
How to enable "Use Client Source IP Address” in RADIUS manually via the configuration file rather than using the RADIUS admin console.
Cause:
In the affected version(s) stated above, the ability to enable "Use Client Source IP Address” as per the documentation is missing from the user interface in the RADIUS admin console.
Additionally it may be desired to make this change for multiple RADIUS clients such as instances where an upgrade has been made from a much earlier version of RADIUS (e.g. 2.3.X) where "Client Source IP Address" is used as the NAS Identifier by default, but RADIUS 20.12.07 uses NAS-IP-Address by default.
Resolution:
- Stop the RADIUS service.
- Open the RADIUS configuration file in a text editor. Default location is:
C:\Program Files\SecureAuth Corporation\SecureAuth IdP RADIUS Agent\bin\conf\appliance.radius.properties
- Search for the following text:
"useSourceIP"\:false
- Replace with:
"useSourceIP"\:true
- Repeat for any remaining instances as required. Each instance relates to an individual RADIUS client.
- Save the file
- Start the RADIUS server
- RADIUS clients will now be identified by their actual IP rather than the NAS-IP-Address RADIUS attribute embedded in the RADIUS packet.
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Comments
Please sign in to leave a comment.