Manual Chapter :
Creating a virtual server for RADIUS
Applies To:
Show Versions
BIG-IP APM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0
Creating a virtual server for RADIUS
You should have an access profile
configured.
You create a virtual server to handle traffic
connecting to applications being authenticated using RADIUS.
An AAA server
does not load-balance. Do not select a local traffic pool for this virtual server.
- On the Main tab, click .The Virtual Server List screen opens.
- ClickCreate.The New Virtual Server screen opens.
- In theNamefield, type a unique name for the virtual server, such asldap_proxyorea-ldap-vip.
- ForSource Address, selectHostand type the address, for example0.0.0.0/0.
- For theDestination Address/Masksetting, confirm that theHostbutton is selected, and type the IP address in CIDR format (address/prefix).The various virtual servers being used for ephemeral authentication (LDAP, LDAPS, and/or RADIUS) can all have the same Destination Address as long as they use different service ports.
- In theService Portfield, select port number1812.
- ForProtocol, selectUDP.
- ForProtocol Profile (Client), select a protocol profile (such asudp).
- ForSource Address Translation, selectAuto Map.
- In the Ephemeral Authentication section, forAccess Configuration, select the Access Configuration you created.
- ForRADIUS Authentication Configuration, select the you created.
- Optionally, under Resources, forDefault Pool, select the external RADIUS server to be used for bypass users.If you want certain users to bypass ephemeral authentication, the RADIUS virtual server works as a RADIUS proxy. In that case, the backend devices authenticate directly with an external RADIUS server.
- ClickFinished.
The virtual server is created with the
Ephemeral Access Configuration and the RADIUS Authentication Configuration associated
with it.
