Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

Networking: Local Radius Server on ASG

Cause small offices (planning offices, Laywers, etc.) are not using a windows server AD but like to use WLAN (cause there´s no cabeling needed) a local radius server would be helpful (i.e. available on Linksys Routers with TinyPEAP or via DD-WRT) to authentificate the users with a central security. So a local user database is still on the ASG. Why not implement an optional radius server instead of pointing to a local one on a windows server?

332 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Dirk EndlerDirk Endler shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    Anonymous shared a merged idea: Add more Functionality and options to the RADIUS setup  ·   · 

    14 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Jerame HernandezJerame Hernandez commented  ·   ·  Flag as inappropriate

        This is a must have. It seems too easy. The utm would process the requests and match the ips as the log on and off. The accounting for web filtering and usage would come full circle and enable us to validate risky habits without the need for captive portals

      • TomTom commented  ·   ·  Flag as inappropriate

        It does not seem to be a huge request to simple authenticate off the local users. I think most need some user based wireless security beyond the hotspot concept. (Many other vendors have this and I am losing out work to this)

      • Konstanze ArnoldKonstanze Arnold commented  ·   ·  Flag as inappropriate

        Not only helpful for the named features and small offices.
        When i'm using the OTP Feature in 9.2, then it would great i could other services authenticate with UTM configured OTP-Token.
        At first i think about 2nd factor Auth on a Citrix Netscaler Access Gateway.
        Then would the user have only one OTP-Token for Services on UTM _and_ Citrix Webservices.
        The cause for the need is, that Citrix HTTPS Service for ICA based Applications wont work proper with a Reverse Proxy (like Webserver Protection on UTM). Revise me if i'm wrong.

      • KloanaKloana commented  ·   ·  Flag as inappropriate

        Please can you review this idea, because i think it would be very helpfull for small to medium offices,....

      • rbarbrowrbarbrow commented  ·   ·  Flag as inappropriate

        I don't need it to be Radius per say I just want AD authentication for WIFI, you can do it VPN it shouldn't be a huge leap to implement

      • Anonymous commented  ·   ·  Flag as inappropriate

        Would even be useful in a AD environment, to centralise control of AP's and logging, while using the users credentials in AD for authentication.

      • Anonymous commented  ·   ·  Flag as inappropriate

        This is exactly what I need!
        You can already use a variety of authentication services for the user portal, why not use that list of users! WiFi shouldn't depend on another server to function properly.

      • Timm SchneiderTimm Schneider commented  ·   ·  Flag as inappropriate

        Hi, yeah this would be a great idea. Right now those customers buy Fortgate´s because they have a local radius.

      • GillesGilles commented  ·   ·  Flag as inappropriate

        The integration of FreeRadius would be a great feature for small to medium offices that do not use an AD.

      • BrucekConvergentBrucekConvergent commented  ·   ·  Flag as inappropriate

        If you can't add a local Radius, "fake it" using the local user DB... this would be a great feature to have for small installs, etc. that do not have additional servers available to provide RADIUS authentication.

      • DmitryiDmitryi commented  ·   ·  Flag as inappropriate

        Would be very helpful. It would allow to use 802.1X authentication in the networks

      Feedback and Knowledge Base