Configure Your Connect It 4 Device To Use A Radius Server - Digi Connect IT 4 User Manual

User authentication
servers are unavailable. Additionally, users who are configured locally but are not configured on the
RADIUS server are still able to log into the device. Authentication methods are attempted in the order
they are listed until the first successful authentication result is returned; therefore if you want to
ensure that users are authenticated first through the RADIUS server, and only authenticated locally if
the RADIUS server is unavailable or if the user is not defined on the RADIUS server, then you should list
the RADIUS authentication method prior to the Local users authentication method.
See User authentication methods
If the RADIUS servers are unavailable and the Connect IT 4 device falls back to local authentication,
only users defined locally on the device are able to log in. RADIUS users cannot log in until the RADIUS
servers are brought back online.

Configure your Connect IT 4 device to use a RADIUS server

This section describes how to configure a Connect IT 4 device to use a RADIUS server for
authentication and authorization.
Required configuration items
Define the RADIUS server IP address or domain name.
n
Define the RADIUS server shared secret.
n
Add RADIUS as an authentication method for your Connect IT 4 device.
n
Additional configuration items
Whether other user authentication methods should be used in addition to the RADIUS server,
n
or if the RADIUS server should be considered the authoritative login method.
The RADIUS server port. It is configured to 1812 by default.
n
Add additional RADIUS servers in case the first RADIUS server is unavailable.
n
The server NAS ID. If left blank, the default value is used:
n
If you are access the Connect IT 4 device by using the WebUI, the default value is for
l
NAS ID is httpd.
If you are access the Connect IT 4 device by using ssh, the default value is sshd.
l
Time in seconds before the request to the server times out. The default is 3 seconds and the
n
maximum possible value is 60 seconds.
Enable additional debug messages from the RADIUS client.
n

Web
1. Log into Digi Remote Manager, or log into the local Web UI as a user with full Admin access
rights.
2. Access the device configuration:
Remote Manager:
a. Locate your device as described in
device.
b. Click the Device ID.
c. Click Settings.
d. Click to expand Config.
Digi Connect IT® 4 User Guide
Remote Authentication Dial-In User Service (RADIUS)
for more information about authentication methods.
Use Digi Remote Manager to view and manage your
688