Manual Chapter : Creating a virtual server for RADIUS

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 16.0.0
Manual Chapter

Creating a virtual server for RADIUS

You should have an access profile configured.
You create a virtual server to handle traffic connecting to applications being authenticated using RADIUS.
An AAA server does not load-balance. Do not select a local traffic pool for this virtual server.
  1. On the Main tab, click
    Local Traffic
    Virtual Servers
    .
    The Virtual Server List screen opens.
  2. Click
    Create
    .
    The New Virtual Server screen opens.
  3. In the
    Name
    field, type a unique name for the virtual server, such as
    ldap_proxy
    or
    ea-ldap-vip
    .
  4. For
    Source Address
    , select
    Host
    and type the address, for example
    0.0.0.0/0
    .
  5. For the
    Destination Address/Mask
    setting, confirm that the
    Host
    button is selected, and type the IP address in CIDR format (address/prefix).
    The various virtual servers being used for ephemeral authentication (LDAP, LDAPS, and/or RADIUS) can all have the same Destination Address as long as they use different service ports.
  6. In the
    Service Port
    field, select port number
    1812
    .
  7. For
    Protocol
    , select
    UDP
    .
  8. For
    Protocol Profile (Client)
    , select a protocol profile (such as
    udp
    ).
  9. For
    Source Address Translation
    , select
    Auto Map
    .
  10. In the Ephemeral Authentication section, for
    Access Configuration
    , select the Access Configuration you created.
  11. For
    RADIUS Authentication Configuration
    , select the
    Ephemeral Authentication
    RADIUS Authentication Configuration
    Profile
    you created.
  12. Optionally, under Resources, for
    Default Pool
    , select the external RADIUS server to be used for bypass users.
    If you want certain users to bypass ephemeral authentication, the RADIUS virtual server works as a RADIUS proxy. In that case, the backend devices authenticate directly with an external RADIUS server.
  13. Click
    Finished
    .
The virtual server is created with the Ephemeral Access Configuration and the RADIUS Authentication Configuration associated with it.