Home / Products / Radius

OpenOTP Radius Bridge

OpenOTP Radius Bridge provides the RADIUS RFC-2865 (Remote Authentication Dial-in User Service) service for your OpenOTP server. With OpenOTP Radius Bridge, you can integrate any RADIUS-compliant VPN/Firewall and many other software applications requiring end-user authentication. Radius Bridge is implemented over the robust and flexible FreeRADIUS Software available at http://www.freeradius.com/.

The supported authentication schemes are based on OpenOTP One-Time Password mechanisms:

• OATH Time-based, Event-based and Challenge-based Software Token
• OATH Time-based, Event-based and Challenge-based Hardware Token
• SMS One-Time Passwords
• Mail / Secure Mail One-Time Passwords
• Yubikey Hardware Token
• mOTP Software Tokens

By design, some of the OpenOTP One-Time Password authentication require a challenge response mechanisms (user prompt for SMS or Token passwords). The Challenge-Response operating mode is part of the RADIUS standard and requires your applications to support Radius Challenge-Response. OpenOTP can work in challenge and non-challenge mode.

		OpenOTP RADIUS Service
	Radius Bridge is 100% compliant with the RADIUS RFC-2865 standard. It also compatible with any RADIUS-enabled software. You can use OpenOTP RADIUS Bridge with: VPN Servers (ex. Checkpoint, Cisco, F5, Fortigate, Palo Alto...) SSL VPN Servers (ex. Juniper) Citrix XenApp Server Microsoft ISA/TMS Linux Radius-enabled services (ex. OpenVPN) And many others...

		Key Features
	Robust implementation built on top of the FreeRADIUS Server. 100% compatible with RADIUS standard (RFC-2865). Supports NT Domain-style login names (i.e. Domain\Username) with configurable separator. Supports LDAP, OTP and LDAP+OTP authentication with Challenge-Response or concatenated passwords. Supports per user/group reply data in configurable Radius attribute (ex. FilterID) for VPN clients' rule-based policies. Bridges all the OpenOTP functionalities (including OATH, MobileOTP, SMSOTP, MailOTP, Yubikey). No additional OpenOTP configuration required. Supports Hardware and Software Tokens. Supports passing OpenOTP user settings in the OpenOTP SOAP requests. Supports OpenOTP user settings provided by the Radius client (in configurable Radius attribute). Full multilingual support with Unicode and UTF-8.