Networking: Local Radius Server on ASG
Cause small offices (planning offices, Laywers, etc.) are not using a windows server AD but like to use WLAN (cause there´s no cabeling needed) a local radius server would be helpful (i.e. available on Linksys Routers with TinyPEAP or via DD-WRT) to authentificate the users with a central security. So a local user database is still on the ASG. Why not implement an optional radius server instead of pointing to a local one on a windows server?
I would like to see the option to have the UTM software forward the CallStation ID (MAC address) to a server already configured as a RADIUS server on the existing network so that it can handle authentication. Thank you.
Jerame Hernandez commented
This is a must have. It seems too easy. The utm would process the requests and match the ips as the log on and off. The accounting for web filtering and usage would come full circle and enable us to validate risky habits without the need for captive portals
It does not seem to be a huge request to simple authenticate off the local users. I think most need some user based wireless security beyond the hotspot concept. (Many other vendors have this and I am losing out work to this)
Konstanze Arnold commented
Not only helpful for the named features and small offices.
When i'm using the OTP Feature in 9.2, then it would great i could other services authenticate with UTM configured OTP-Token.
At first i think about 2nd factor Auth on a Citrix Netscaler Access Gateway.
Then would the user have only one OTP-Token for Services on UTM _and_ Citrix Webservices.
The cause for the need is, that Citrix HTTPS Service for ICA based Applications wont work proper with a Reverse Proxy (like Webserver Protection on UTM). Revise me if i'm wrong.
Please can you review this idea, because i think it would be very helpfull for small to medium offices,....
I don't need it to be Radius per say I just want AD authentication for WIFI, you can do it VPN it shouldn't be a huge leap to implement
Would even be useful in a AD environment, to centralise control of AP's and logging, while using the users credentials in AD for authentication.
This is exactly what I need!
You can already use a variety of authentication services for the user portal, why not use that list of users! WiFi shouldn't depend on another server to function properly.
Timm Schneider commented
Hi, yeah this would be a great idea. Right now those customers buy Fortgate´s because they have a local radius.
The integration of FreeRadius would be a great feature for small to medium offices that do not use an AD.
I need this feature too! It would be very helpful.
Mario Schmidt commented
This could also increase Wi-Fi Security
If you can't add a local Radius, "fake it" using the local user DB... this would be a great feature to have for small installs, etc. that do not have additional servers available to provide RADIUS authentication.
Would be very helpful. It would allow to use 802.1X authentication in the networks