DHCP Authentication through RADIUS Server

In terms of authentication, it is also possible to configure a RADIUS Server for the users' validation.

When the DHCP + Radius is activated, the Station requests an IP address to the UTM in the DHCP Service. The UTM consults if there is an static entrance available for this Station (through MAC address), in positive case, it provides the reserved address; on the contrary, it does not. 

Sumarizing, the UTM consults the integrated Radius Server, in case the Radius Server authorizes, the UTM delivers the IP address from the range; otherwise, it does not provide the IP address and the machine does not receive it, and remains without network access.

This option can be enabled in Services, Firewall, in the Zone Protection tab:

In order to do so, it is necessary to create a policy in Zone Protection and select "DHCP" among the options:

Authentication Service selection: Services > Firewall > Zone Protection > Create[] or Edit[] Zone Protection.

Next, we should click in the DHCP option in Services and enable the Radius Authentication option: 

Radius Server user and password input screen.

The following message will be displayed, just click "OK":

It is important to remember that the user in the Radius server (IP field) is the MAC address:

Example of a Radius Server main screen.

Example of the user details screen.

Finally, just insert the user and password and the authentication through Radius Server will be enabled. 

  • No labels