Previous page

Next page

Locate page in Contents

Using RADIUS

The below diagram shows the double hop perimeter network scenario with RAS Publishing Agent connected to a RADIUS server (RADIUS is located in Intranet but it can be placed in DMZ).

_Radius_Server_Diagram.png

To configure RADIUS properties:

  1. In the Parallels RAS Console, navigate to Connection / Multi-factor authentication.
  2. In the Provider drop-down list, select a RADIUS solution that you use in your organization. The following options are available:
    • Azure MFA server (RADIUS)
    • Duo (RADIUS)
    • FortiAuthenticator (RADIUS)
    • TekRADIUS
    • RADIUS

      Note: For specifics about configuring some of the solutions, please read corresponding subsections at the end of this section.

  3. Click the Settings button. In the dialog that opens, select the Connections tab and specify the following options:
    • Type Name: Specify the name of the OTP connection type that will be displayed on the Logon screen on the client side. This should be the name that your users will clearly understand.
    • Server: Enter the hostname or IP address of your RADIUS server.
    • Port: Enter the port number for the RADIUS Server. Click the Default button to use the default value.
    • Timeout: Specify the packet timeout in seconds.
    • Retries: Specify the number of retries when attempting to establish a connection.
    • Secret Key: Type the secret key.
    • Password Encoding: Choose from PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol), according to the setting specified in your RADIUS server.
  4. Click the Check connection button to validate the connection. If the connection is configured correctly, you will see a confirmation message.
  5. Select the Forward username only to RADIUS server as required.
  6. Select the Forward the first password to Windows authentication provider option to avoid a prompt to enter the password twice (RADIUS and Windows AD). Note that for Azure MFA server, this option is always enabled and cannot be changed.
  7. Please also read a note at the bottom of the dialog (if available) suggesting a certain setting specific for your RADIUS solution.
  8. If your RADIUS solution requires configuring attributes, click the Attribute tab and then click Add. In the dialog that opens, specify the following:
    • In the Vendor drop-down list, select a vendor.
    • In the Attribute list, select a vendor attribute.
    • In the Value field, enter a value for the selected attribute type (numeric, string, IP address, date, etc).
  9. Click OK and then click OK again to close all dialogs.