Manualshelf

User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X1000
151152153154155156157158159160
Chapter 10: Creating Aliases and Implementing Authentication
136 WatchGuard Firebox System
authentication key that identifies it to the RADIUS server. Note that it is
the key that is transmitted, and not a password. The key resides on the
client and server simultaneously, which is why it is often called a “shared
secret.”
To add or remove services accessible by RADIUS authenticated users, add
the RADIUS user or group in the individual service properties dialog box
and the IP address of the Firebox on the RADIUS authentication server.
Although WatchGuard supports both CHAP and PAP authentication,
CHAP is considered more secure.
From Policy Manager:
1 Select Setup => Authentication Servers.
The Authentication Servers dialog box appears.
2 Click the RADIUS Server tab.
The RADIUS information appears, as shown in the following figure.
3 Enter the IP address of the RADIUS server.
4 Enter or verify the port number used for RADIUS authentication.
The default is 1645. RFC 2138 states the port number as 1812, but many
RADIUS servers still use port number 1645.
5 Enter the value of the secret shared between the Firebox and the
RADIUS server.
The shared secret is case-sensitive and must be identical on the Firebox and the
RADIUS server.
6 Enter the IP address and port of the backup RADIUS server. The
RADIUS servers’ secret must be shared between both the primary and
backup servers.