You can use RADIUS to enable 2 Factor Authentication for end users.
About this task
Make sure that primary and secondary tenant appliance IP addresses are registered as clients in the RADIUS server. Obtain the tenant appliance IP addresses from your VMware representative.
- Select .
- Configure the authentication.
2nd factor Auth Method
Select Yes to maintain the username during authentication. The user who is attempting to authenticate must have the same username credentials for RSA and Domain Challenge. If you select No, the username field is not locked and the user can enter a different name.
External Connections Only
Select NO to configure 2 Factor Authentication for internal users from within the system. Use Access Point to configure external users.
(Required) Name that distinguishes the type of RADIUS authentication being used.
Host Name / IP Address
(Required) DNS name or IP address of the authentication server.
(Required) Secret for communicating with the server. The value must be identical to the server configured value.
UDP port configured to send or receive authentication traffic. Default is 1812.
UDP port configured to send or receive accounting traffic. Default is 1813.
Select the RADIUS authentication protocol: PAP, CHAP, MS-CHAPv1, or MS-CHAPv2.
Number of seconds to wait for a response from the RADIUS server. Default is five seconds.
Max number of retries
Maximum number of times to retry failed requests. Default is three tries.
Name and delimiter of realm to be prepended to the username during authentication.
Name and delimiter of realm to be appended to the username during authentication.
Default is NO. If set to YES, specify a secondary RADIUS server to be used when the primary server is not responding.
- Click Save
- Enter your username and passcode in the Test Authentication dialog box, then clickTest.
If authentication is successful, users attempting to authenticate with the tenant portals will see a dialog box asking them to log in with their RADIUS credentials, followed by their domain credentials.
- If the Test Authentication credentials fail, the settings are not saved. Correct the username or passcode and try again.