RADIUS Authentication

Note!
The RADIUS authentication wiki page needs lots of attention. Please feel free to update this page to make it better.

Note: The web proxy must be running in non-transparent (i.e., conventional) mode for authentication.

Authentication Method - RADIUS

RADIUS

FIXME - The RADIUS authentication method offers ...

Global authentication settings

Number of authentication processes

Specifies the authentication process which can be started. If more authentication processes are needed, so there may be delays during authentication. To correct this behavior, it would help to set the value up (default value are 5).

Authentication cache TTL (in minutes)

Specifies the "time-to-live" value of the cached user data in minutes. This value is measured from the last request (default 60 min.) .

Limit of IP addresses per user

Here you can set how many simultaneous logins per user are permitted (default is empty <-> means any number).

Require authentication for unrestricted source addresses

Unrestricted IP addresses are also subject to local authentication. If this option is disabled, an authentication does not apply to unrestricted IPs.

Authentication realm prompt

Here, an individual created text can be edited which will be displayed during the authentication process.

Domains without authentication (one per line)

Defines domains which work also without authentication.

Common RADIUS settings

RADIUS Server

FIXME

Port

FIXME

Identifier

FIXME

Shared secret

FIXME

User based access restrictions

Enabled

FIXME

Use positive access control

Authorized users (one per line)
FIXME

Use negative access control

Unauthorized users (one per line)
FIXME

Links

• squid-cache wiki - Configuring a Squid Server to authenticate from RADIUS
• Wikipedia - RADIUS