Documents in Radiu

Radius Bridge

1. Product Documentation This document is a configuration guide for OpenOTP Radius Bridge (RB). The reader should notice that this document is not a guide for installing and configuring OpenOTP or WebADM. Specific application guides are available through the RCDevs documentation website. 2. Product Overview OpenOTP Radius Bridge provides the RADIUS RFC-2865 (Remote Authentication Dial-in User Service) API for OpenOTP Authentication Server. Standalone, the OpenOTP server provides SOAP/XML and JSON interfaces over HTTP and HTTPS.

Communication ports used by RCDevs products

Overview This documentation demonstrates ports and protocols used by RCDevs products between different components. 1. Communication Ports used by RCDevs Products 2. WebADM Cluster Ports At RCDevs Hardening Guide is an example of the iptables firewall rules for a high availability cluster with 4 nodes. 3. Incoming and Outgoing Traffic per Product Product Incoming Outgoing WebADM Master (PKI role) & Web Services SSH TCP 22,

Client Policies

How To Create a Client Policy This documentation will explain how to configure a client policy on WebADM. 1. What is Client Policy? A Client Policy provides per-client application access control and customized configurations. The Client Policy objects are also used to customize the behavior of a client application (ex. a VPN server using OpenOTP Authentication Server). You can create a client policy object having the name of a Web Service’s client ID.

pfSense & OpenOTP

How To Enable OpenOTP Authentication on pfSense This document explains how to enable OpenOTP authentication with Radius Bridge and pfSense. 1. WebADM/OpenOTP/Radius Bridge For this recipe, you will need to have WebADM/OpenOTP installed and configured. Please, refer to WebADM Installation Guide and WebADM Manual to do it. You have also to install our Radius Bridge product on your WebADM server(s). 2. Register your pfSense in RadiusBridge On your OpenOTP RadiusBridge server, edit the /opt/radiusd/conf/clients.

WLAN EAP Authentication Radius

1. WebADM/OpenOTP/Radius Bridge For this recipe, you will need to have WebADM/OpenOTP installed and configured. Please, refer to WebADM Installation Guide and WebADM Manual to do so. You have also to install our Radius Bridge product on your WebADM server(s). For authentication, you have two possible mechanisms. Username and password authentication using EAP-TTLS Certificate authentication using EAP-TLS (Supported from WebADM 1.6.8 & Radius Bridge 1.3.6) The WLAN protocol used does not support challenge-response, so only Login Mode LDAP or LDAP + Simple Push authentication is supported.

ASA SSL VPN

1. WebADM/OpenOTP/Radius Bridge For this recipe, you will need to have WebADM/OpenOTP installed and configured. Please, refer to WebADM Installation Guide and WebADM Manual to do it. You have also to install our Radius Bridge product on your WebADM server(s). Another documentation on that setup is provided by Cisco at this link 2. Register your ASA SSL VPN in RadiusBridge On your OpenOTP RadiusBridge server, edit the /opt/radiusd/conf/clients.conf and add a RADIUS client (with IP address and RADIUS secret) for your ASA SSL VPN server.

F5 BIG-IP APM

1. WebADM/OpenOTP/Radius Bridge For this recipe, you will need to have WebADM/OpenOTP installed and configured. Please, refer to WebADM Installation Guide and WebADM Manual to do it. You have also to install our Radius Bridge product on your WebADM server(s). 2. Register your F5 VPN in RadiusBridge On your OpenOTP RadiusBridge server, edit the /opt/radiusd/conf/clients.conf and add a RADIUS client (with IP address and RADIUS secret) for your F5 VPN server.

Swift Alliance Access and OpenOTP

1. Overview In this documentation, we will demonstrate how to integrate OpenOTP with Swift Alliance Access 7.2 (AA). LDAP and Radius protocols can be used to integrate AA with OpenOTP. Here, we will demonstrate the Radius integration. This guide has been written with the help of the official Swift Alliance Access 7.2 Administrator Guide. So here, we will use RADIUS one-time passwords authentication method and not the embedded two-factor authentication module implemented in AA.

Juniper-Pulse

How To Enable OpenOTP Authentication On Juniper-Pulse Secure This document explains how to enable OpenOTP authentication with Radius Bridge and Juniper SSL VPN. 1. WebADM/OpenOTP/Radius Bridge For this recipe, you will need to have WebADM/OpenOTP installed and configured. Please, refer to WebADM Installation Guide and WebADM Manual to do it. You have also to install our Radius Bridge product on your WebADM server(s). 2. Register Your Juniper VPN In RadiusBridge On your OpenOTP RadiusBridge server, edit the /opt/radiusd/conf/clients.

Palo Alto

How To Enable OpenOTP Authentication in Palo Alto SSL VPN This document explains how to enable OpenOTP authentication in Palo Alto SSL VPN. 1. Register your Palo Alto VPN in RadiusBridge On your OpenOTP RadiusBridge server, edit the /opt/radiusd/conf/clients.conf and add a RADIUS client (with IP address and RADIUS secret) for your Palo Alto VPN server. Example: client <VPN Server IP> { secret = testing123 shortname = PaloAlto-VPN } 2.

NetIQ

1. WebADM/OpenOTP/Radius Bridge For this recipe, you will need to have WebADM/OpenOTP installed and configured. Please, refer to WebADM Installation Guide and WebADM Manual to do it. 2. NetIQ Installation and Initial Configuration We used the NetIQ appliance version 4.3 downloaded from the Microfocus website (trial version). ISO file name: AM_43_AccessManagerAppliance_Eval-0831.iso It’s SUSE Linux: netiqam:~ # cat /etc/SuSE-release SUSE Linux Enterprise Server 11 (x86_64) VERSION = 11 PATCHLEVEL = 4 NetIQ Access Manager Appliance 4.