Manual Chapter : Creating a virtual server for RADIUS

Applies To:

Show Versions Show Versions


  • 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0
Manual Chapter

Creating a virtual server for RADIUS

You should have an access profile configured.
You create a virtual server to handle traffic connecting to applications being authenticated using RADIUS.
An AAA server does not load-balance. Do not select a local traffic pool for this virtual server.
  1. On the Main tab, click
    Local Traffic
    Virtual Servers
    The Virtual Server List screen opens.
  2. Click
    The New Virtual Server screen opens.
  3. In the
    field, type a unique name for the virtual server, such as
  4. For
    Source Address
    , select
    and type the address, for example
  5. For the
    Destination Address/Mask
    setting, confirm that the
    button is selected, and type the IP address in CIDR format (address/prefix).
    The various virtual servers being used for ephemeral authentication (LDAP, LDAPS, and/or RADIUS) can all have the same Destination Address as long as they use different service ports.
  6. In the
    Service Port
    field, select port number
  7. For
    , select
  8. For
    Protocol Profile (Client)
    , select a protocol profile (such as
  9. For
    Source Address Translation
    , select
    Auto Map
  10. In the Ephemeral Authentication section, for
    Access Configuration
    , select the Access Configuration you created.
  11. For
    RADIUS Authentication Configuration
    , select the
    Ephemeral Authentication
    RADIUS Authentication Configuration
    you created.
  12. Optionally, under Resources, for
    Default Pool
    , select the external RADIUS server to be used for bypass users.
    If you want certain users to bypass ephemeral authentication, the RADIUS virtual server works as a RADIUS proxy. In that case, the backend devices authenticate directly with an external RADIUS server.
  13. Click
The virtual server is created with the Ephemeral Access Configuration and the RADIUS Authentication Configuration associated with it.