Primary authentication 编辑

You can configure authentication servers such as RADIUS or TACACS+ to authenticate remote users logging on to Citrix SD-WAN Center. Primary authentication is the first authenticating factor for remote users when two-factor authentication is enabled. For more information, see Two-factor authentication.  

Note

Ensure that user accounts are created on the required authentication servers.

RADIUS authentication server

To use RADIUS authentication, you must specify and configure at least one RADIUS server. Optionally, you configure redundant backup servers, up to a maximum of three RADIUS servers. The servers are checked sequentially, starting with the server listed first in the Servers section. Ensure that the required user accounts are created on the RADIUS authentication server.

To enable and configure RADIUS authentication:

  1. In the Citrix SD-WAN Center web interface, navigate to Administration > User/Authentication Settings.

  2. In the Primary Authentication > RADIUS Authentication section, select the Enable RADIUS Authentication check box.  

    Note

    If TACACS+ authentication is already enabled, it gets disabled.

  3. In the Timeout field, enter the time interval (in seconds) to wait for an authentication response from the RADIUS server.

    The timeout value should be less than or equal to 10 seconds.

  4. In the Server Key field, enter a secret key to use when connecting to the RADIUS servers.

  5. In the Confirm Server Key fields, reenter the secret key.

    Note

    The Timeout and Server Key settings are applied to all configured servers.

  6. Select Enable Two-factor, to enable two-factor authentication.

    Note

    The Enable Two-factor option appears only when the secondary authentication server is configured.

    Configure a secondary authentication server, either RADIUS, or TACAS+. For more information, see Secondary authentication.

  7. Click the plus icon (+) next to Servers to add a RADIUS server.

  8. In the IP Address field, enter the host IP address for the RADIUS server.

  9. In the Port field, enter the port number for RADIUS server. The default port number is 1812.

    localized image

  10. Click Apply.

  11.  Click Verify to verify the connection to the RADIUS server. The Verify RADIUS Server Settings dialog box appears.

    localized image

  12. Enter a valid username and password for the authentication servers, and click Verify.

To configure more servers, repeat the steps 7 through 12.

TACACS+ authentication server

To use TACACS+, you must specify and configure at least one TACACS+ server. Optionally, you configure redundant backup servers, up to a maximum of three TACACS+ servers. The servers are checked sequentially, starting with the server listed first in the Servers section. Ensure that the required user accounts are created on the TACACS+ authentication server.

To enable and configure TACACS+ authentication:

  1. In the Citrix SD-WAN Center web interface, navigate to Administration > User/Authentication Settings.

  2. In the Primary Authentication > TACACS+ Authentication section, select the Enable TACACS+ Authenticationcheck box.

    Note

    If RADIUS authentication is already enabled, it gets disabled.

  3. In the Timeout field, enter the time interval (in seconds) to wait for an authentication response from the TACACS+ server.

    The timeout value should be less than or equal to 10 seconds.

  4. In the Authentication Type field, select the encryption method to use to send the username and password to the TACACS+ server.

  5. In the Server Key field, enter a secret key to use when connecting to the TACACS+ servers.

  6. In the Confirm Server Key fields, reenter the secret key.

    Note

    The Timeout, Authentication Type, and Server Key settings are applied to all the configured servers.

  7. Select Enable Two-factor, to enable two-factor authentication.

    Note

    The Enable Two-factor option appears only when the secondary authentication server is configured.

    Configure a secondary authentication server, either RADIUS, or TACAS+. For more information, see Secondary authentication.

  8. Click the plus icon (+) next to Servers to add a TACACS+ server.

  9. In the IP Address field, enter the host IP address for the TACACS+ server.

  10. In the Port field, enter the port number for TACACS+ server. The default port number is 49.

    localized image

  11. Click Apply.

  12.  Click Verify to verify the connection to the RADIUS server. The Verify TACACS+ Server Settings dialog box appears.

    localized image

  13. Enter a valid username and password for the authentication servers, and click Verify.

    To configure more servers, repeat the steps 8 through 13.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:11 次

字数:7590

最后编辑:7 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文