Search the Community
Showing results for tags 'radius'.
The current implementation of RADIUS only allows the use of tokens/passwords that do not require a challenge/response. Currently, if a RADIUS Challenge message is sent to the portal, a Password Incorrect message is instead shown. Example Scenario [RADIUS server setup to use SMS tokencodes]: User enters their PIN and clicks Next PIN is sent to RADIUS server RADIUS server responds with Access-Challenge message Password portal prompts user for next token code (or whatever message is sent back with the Access-Challenge) User enters tokencode they received and clicks Next RADIUS server respondss with Access-Granted and authentication succeed This is also useful in scenarios when using hardware/software tokens via RADIUS and a PIN rotation is enabled. The portal would need to be able chain Access-Challenge responses as there may be more than one.