Policy Server GuidesPolicy Design GuideAgents and Agent Groups › Configure a RADIUS Agent

Previous Topic: Configure Agent Identities for Non-Web Agents

Next Topic: Create Custom Agents

Configure a RADIUS Agent

A RADIUS Agent secures an entire application that communicates using the RADIUS protocol. For information about RADIUS and SiteMinder, see the SiteMinder Policy Server Management Guide.

After you configure a RADIUS Agent, install and configure a SiteMinder Agent on a RADIUS client or application server. You can only configure RADIUS Agents locally. For instructions, see the SiteMinder Web Agent Installation Guide.

Note: When you create or modify a Policy Server object in the Policy Server User Interface, use ASCII characters. Object creation or modification with non-ASCII characters is not supported.

To configure a RADIUS Agent

  1. Log into the Policy Server User Interface.
  2. From the SiteMinder Administration menu bar, select Edit, System Configuration, Create Agent.

    The Agent Properties dialog appears.

  3. In the Name field, enter the name of the Agent. This name is case-insensitive, and must be 7-bit ASCII characters, in the range 32-127.You cannot create one Agent named MyAgent and another named myagent.

    Note: The Agent name you specify must match the Agent name that you enter when you install the SiteMinder Agent. If you change the Agent name in at the Agent, you must also edit the Agent name at the Policy Server.

  4. Optionally, in the Description field, enter a brief description of the Agent.
  5. Select the Support 4.x agents check box.

    Additional controls specific to 4.x agent types appear in the dialog.

  6. In the Agent Type group box, select the RADIUS radio button.

    The contents of the dialog change to support RADIUS Agents.

  7. From the drop-down list in the Agent Type group box, select the vendor type of the RADIUS device the Agent will protect.

    Generic RADIUS can be used to protect any type of RADIUS device, however, Generic RADIUS Agent types do not provide access to vendor-specific response attributes.

  8. In the IP Address or Host Name field, enter the IP address or the host name of the RADIUS client (NAS device).
  9. In the Shared Secret field, enter an alphanumeric shared secret.

    Enter the shared secret used by the NAS device. The shared secret is used for mutual authentication between the NAS device and the Policy Server. The secret must be between 1 and 255 characters in length and contain no embedded spaces.

  10. In the Confirm Secret field, re-enter the shared secret.
  11. If you selected the RADIUS agent type, you can also fill in the Realm Hint Attribute.

    Realm hints are needed if a RADIUS Agent protects a NAS device that must authenticate users in different domains, such as mydomain.com and yourdomain.com. A realm hint is a RADIUS attribute that provides SiteMinder with information about the domain in which to authenticate the user.

    Note: For more information about realm hints, see the SiteMinder Policy Server Management Guide.

  12. Click Apply to save the changes, or click OK to save the changes and return to the SiteMinder Administration window.

If you want to protect resources with the RADIUS Agent, you can now associate this Agent with a realm.

More information:

Start the Policy Server User Interface

Agent Dialog

Configure a Realm Protected by a RADIUS Agent