Vigor Router provides internal RADIUS server. This document introduces how to set up Vigor Router to be a RADIUS server and use it as the authentication server for 802.1x authentication.
1. Create user profiles: Go to User Management >> User Profile, click on an available profile index, enable this profile, enter Username and Password.
2. At Internal Services, check Internal RADIUS, so that this profile can be used for RADIUS clients. Then, click OK to save.
3. Enable internal RADIUS: Go to Applications >> RADIUS/TACACS+ >> Internal RADIUS,
(Optional)4. User Profile area shows all the user profiles stored on the router. The profiles in Authentication List are the profiles that have "RADIUS" enabled and which RADIUS client can use, such as the profile created in step 1. The profiles in Available List are the user profiles that don't have "RADIUS" enabled. If you would like RADIUS client to use those profiles, you may select the available profiles then click ">>" to put them into Authentication List.
5. RADIUS client setup: For the 802.1X authenticator which would like to use Vigor Router as RADIUS server, need to enter the IP address of Vigor Router and Shared Secret set in step 2.
6. After the steps above, when client devices connect to the RADIUS client (the authenticator) and attempt to join the network, they can log in with the credentials set in step1.
7. From Diagnostics >> Authentication Information, the network administrator may check each user's last successful authentication and failed attempts.
If the client devices failed to join the network, and the Syslog shows "RADIUS SRV: Invalid Message- Authenticator from [Radius Client IP]", it might because that the shared secret of client and server do not match.
Was this helpful?
Sorry about that. Contact Support if you need further assistance, or leave us some comments below to help us improve.