Configure RADIUS Authentication for a Firebox

Applies To: Cloud-managed Fireboxes

RADIUS (Remote Authentication Dial-In User Service) authenticates local and remote users on a company network. RADIUS is a client/server system that keeps the authentication information for users, remote access servers, VPN gateways, and other resources in one central database.

To configure a cloud-managed Firebox to use RADIUS authentication, you can add a RADIUS server to an authentication domain, and then configure Fireboxes in your account to use that domain for authentication.

RADIUS Authentication Methods

A cloud-managed Firebox uses these authentication protocols for user authentication with a RADIUS server:

  • Firewall authentication — PAP (Password Authentication Protocol)
  • Mobile VPN authentication — EAP-MSCHAPv2

Before You Begin

Before you configure your Firebox to use a RADIUS authentication server, you must have this information for each RADIUS server:

  • Primary RADIUS server — IP address and RADIUS port
  • Secondary RADIUS server (optional) — IP address and RADIUS port
  • Shared secret — Case-sensitive password that is the same on the WatchGuard Cloud authentication domain and on the RADIUS server
  • Authentication methods — Configure your RADIUS server to allow the authentication method your Firebox uses: PAP, EAP-MSCHAPv2

Configure RADIUS Authentication for a Cloud-Managed Firebox

To use RADIUS server authentication with a cloud-managed Firebox, you must:

See Also

About Firebox Authentication Settings