Configure Portal RADIUS Plug-In

With the RADIUS plug-in, users can obtain access to the guest Wi-Fi network with their username and password that are configured on a RADIUS server. For example, guest users with RADIUS credentials could be frequent guest visitors or employees from a different location in your organization. Guests are authenticated by the RADIUS server, which communicates to the AP about the success or failure of the authentication attempt.

The RADIUS plug-in does not require any configuration, and you can configure any number of other authentication plug-ins in your portal configuration. However only the RADIUS plug-in or the other authentication plug-ins can be active at the same time in the Captive Portal settings. The RADIUS plug-in only appears on a splash page if you have configured the RADIUS settings in the Captive Portal section of the SSID Profile in Manage. Otherwise, the other configured authentication plug-ins are displayed on the splash page. For more information on how to configure portal settings in Manage, see Enable a Captive Portal.

  • To view RADIUS plug-in authentication data, from Analyze, click Analytics, then select the Demographics option from the drop-down list. This data appears in the "Login Method by Duration" and "Login Methods by Location" graphs. For more information, see Demographic Analytics.
  • To view guest user entries that authenticated with the RADIUS plug-in, from Analyze, click Analytics, then select Profiles from the drop-down list. For more information, see Profile Analytics.
  • To configure QoS (Quality of Service) settings for the RADIUS plug-in, click Portals, then select the Plug-in QoS tab. For more information, see Configure QoS for Plug-In.

To configure the RADIUS plug-in on the portal:

  1. Open Analyze.
  2. Click Portals.
  3. Select the portal name for which you want to configure the RADIUS plug-in, or create a new portal.
  4. Select the Settings tab.
  5. Click the RADIUS icon to enable the RADIUS plug-in for the portal.

Screen shot of the portal configuration page with the RADIUS plugin enabled

The Skip Splash Page setting is not applicable if the guest uses the RADIUS plug-in for authentication.

  1. Click Save.

Enable RADIUS Splash Page Authentication in the Captive Portal Configuration in Manage

You can enable RADIUS authentication in your Captive Portal configuration so that guests are redirected to the portal splash page to enter their RADIUS credentials when they connect to a guest SSID.

To configure your Captive Portal settings in Manage:

  1. Open Manage.
  2. Select Configuration > Device Configuration > SSID Profiles.
  3. Select an existing SSID Profile or create a new profile.
  4. Expand the Captive Portal section.
  5. Select the Enable Captive Portal check box.
  6. Select the External Splash Page with RADIUS Authentication option.
  7. In the Splash Page URL and Shared Secret text boxes, type the URL for the splash page and type the shared secret.

External Splash Page with RADIUS Authentication Captive Portal settings page

For WatchGuard Wi-Fi Cloud portals created with Engage and Analyze, you can find this value in Analyze from the Analyze > Portals page. Click Show for the required portal.

  1. Click the RADIUS Settings hyperlink to configure RADIUS server settings that the AP uses to authenticate the wireless user.

You must have RADIUS Profiles configured for your RADIUS servers. If you do not have a RADIUS profile configured, select Configuration > Device Configuration > RADIUS Profiles, click Add RADIUS Profile, then type your RADIUS server details.

For more information on RADIUS server profiles and how to configure a RADIUS server, see Manage RADIUS Profiles.

  1. Click Save.

For more information on RADIUS splash page authentication, see External Splash Page with RADIUS Authentication.