You enable the RADIUS authentication method and configure the RADIUS settings in the Workspace ONE Access console.
Prerequisites
Install and configure the RADIUS software on an authentication manager server. For RADIUS authentication, follow the vendor's configuration documentation.
The following RADIUS server information is required to configure RADIUS on the Workspace ONE Access service.
- IP address or DNS name of the RADIUS server.
- Authentication port numbers. Authentication port is usually 1812.
- Authentication type. The authentication types include PAP (Password Authentication Protocol), CHAP (Challenge Handshake Authentication Protocol), MSCHAP1, MSCHAP2 (Microsoft Challenge Handshake Authentication Protocol, versions 1 and 2).
- RADIUS shared secret that is used for encryption and decryption in RADIUS protocol messages.
- Specific timeout and retry values needed for RADIUS authentication
The User Auth service installed as a component of the Workspace ONE Access connector version 20.01. See Installing VMware Workspace ONE Access Connector 20.01.
Procedure
What to do next
Add RADIUS as an authentication method to the built-in identity provider configuration page.
Add the RADIUS authentication method to the default access policy. Go to the Identity & Access Management > Manage > Policies page and edit the default policy rules to add the RADIUS authentication method to the rule. See Managing Access Policies in Workspace ONE Access That Apply to Users.
For high availability, associate this RADIUS authentication method to other registered Workspace ONE Access connectors where the enterprise service User Auth is installed.