Technical FAQs

Ask a Question

How do I configure RADIUS authentication on my APC IP/Cat5 KVM (AP5405/AP5401) or APC Console Port Server (AP9301/AP9302/AP9303)?



Issue

How do I configure RADIUS authentication on my APC IP/Cat5 KVM (AP5405/AP5401) or APC Console Port Server (AP9301/AP9302/AP9303)?


Product Line
  • Console Port Servers (discontinued)
    • AP9301
    • AP9302
    • AP9303

  • IP/Cat5 KVM Switches (discontinued)
    • AP5401
    • AP5405


Environment

  • All serial numbers
  • KVM Switch Firmware v2.0.0-2
  • Console Port Server Firmware v2.6.0-4

Cause


APC supports the use of RADIUS on the IP/Cat5 KVM and Console Port Server product line. APC's RADIUS implementation follows RFC (Request For Comments) standards for RADIUS authentication. APC does not certify or warrant, in either express or implied fashion, third party tools and software that will allow integration with APC's implementation of RADIUS. The APC IP/Cat5 KVM and Console Port Server products are distributed, set for Local authentication only. However, you can enable RADIUS support. The following instructions provide RADIUS configuration assistance through the web user interface.



Resolution



Note: Configuration below was performed with a FreeRADIUS server with IP/Cat5 KVM firmware version 2.0.0-2 and Console Port Server firmware version 2.6.0-4.



  1. Add the administrator username and password to the RADIUS server database. By default, the username for the KVM is "apc" and password is "apc", and the username for the Console Port Server is "root" and the password is "apc". By adding the administrator user account to the RADIUS server database, you will now have the ability to log into the KVM or Console Port Server with RADIUS, RADIUS/Local, or RADIUSdownLocal configured.

  1. With the administrator account added to the RADIUS server database, log into the KVM or Console Port Server.
On the KVM, once logged in, click on Configuration/KVM/Authentication/RADIUS. You must specify the IP address of Primary Authorization Server and the Primary Accounting Server. Secondary servers are available in the event you have multiple RADIUS servers. You must also add the RADIUS secret (This is obtained from your RADIUS server. If you do not know what the RADIUS server is you should contact your RADIUS server administrator.) When this information has been added, click on Done. Next, click on the Auth Type header. Choose your desired authentication type from the drop down menu. APC does advise that you choose RADIUS/Local for initial configuration, in case there is a mis-configuration issue on either the KVM or RADIUS server.
 
On the Console Port Server, once logged in, click on Security/Authentication/RADIUS. You must specify the IP address of Primary Authorization Server and the Primary Accounting Server. Secondary servers are available in the event you have multiple RADIUS servers. You must also add the RADIUS secret (This is obtained from your RADIUS server. If you do not know what the RADIUS server is you should contact your RADIUS server administrator.) When this information has been added, click on Apply Changes. Next, click on the Auth Type header. Choose your desired authentication type from the drop down menu. APC does advise that you choose RADIUS/Local for initial configuration, in case there is a mis-configuration issue on either the Console Port Server or RADIUS server.
  1. The KVM or Console Port Server is now configured for RADIUS support. Now that the administrator account has been added and configured, you can add other users to the KVM/Console Port Server. In order to add additional users, you must first add the username/password of the new user to the RADIUS server database.

  1. Once the new user has been added to the RADIUS server database, the new user must attempt to log into the KVM/Console Port Server. Once logged in, the user will have access to the KVM/Console Port Server, but will not have access to ports. At this time, the new user must log out. The administrator must then log back into the KVM/Console Port Server to assign permissions to the new user. Once the administrator has assigned permissions to the new user, the new user can log into the KVM/Console Port Server and have access to the assigned ports.

Please contact APC technical support if you have any questions on RADIUS configuration with regards to the IP/Cat5 KVM or Console Port Server. Questions relating to RADIUS configuration on your RADIUS server should be directed towards your RADIUS server administrator or RADIUS vendor.
Was this helpful?
What can we do to improve the information ?