RADIUS Settings
RADIUS settings must be configured in both the LOM and RADIUS server.
Use the RADIUS Settings window to configure LOM to connect to a RADIUS server. Specified users in the RADIUS database can log in to LOM.
Allows configurations for up to two RADIUS servers. The second serves as a backup if the first server fails.
Configuring RADIUS in LOM WebUI
To configure the RADIUS setting:
-
In the LOM WebUI, select Configuration > RADIUS. The RADIUS Settings window opens.
-
Configure the settings for RADIUS authentication.
Field Name
Description
RADIUS
Authentication
When selected, enables RADIUS based authentication.
Port
Port of the RADIUS server (default 1812).
Time Out
Number of seconds that LOM waits for a response from the RADIUS server. After this time, the RADIUS authentication fails, and the user cannot log in to the LOM.
The value can be set to any number from 3 to 300 seconds.
Server Address
IPv4 address of the RADIUS server.
Secret
Case-sensitive text string. This value is the same as setting on the RADIUS server.
The string must contain from 4 to 31 characters.
-
Click Save.
Configuring FreeRADIUS and Other RADIUS Servers
The instructions in this section apply to FreeRADIUS.
Note - For other RADIUS servers, refer to the RADIUS server documentation.
To configure a FreeRADIUS Server:
-
On the RADIUS server, set Reply-Message for the privilege for each user in the User file. Otherwise, LOM rejects the user account. The parameter in the file that defines privileges for LOM user is:
Reply-Message = "privilege=<LEVEL>". Make sure that there are no blank spaces in the privilege parameter.The privilege levels are:
Administrator Operator
No-Access (user cannot log in to LOM)
Sample parameter for a user with administrator privileges:
Reply-Message = "privilege=Administrator"
-
Configure the secret on the RADIUS server. This value is also entered in the Secret field. For example, In clients.conf, change the secret line to:
Secret = testing123