IMG 1010 - Configure RADIUS
The IMG can be configured to serve as a RADIUS client that is configured to send CDR start & stop events to a separate RADIUS Server. The procedures below describe how to create and configure the IMG as a RADIUS Client which will communicate with a separate RADIUS Server. Click on the links below for more information on each topic. Below is a Quick Start diagram displaying the objects. Up to a total of 256 RADIUS server objects can be configured.
Before You Begin
Before configuring RADIUS on the IMG, a RADIUS server must be configured and the dialogic.dictionary file must be copied to one of the following directories:
If Configuring Free RADIUS in linux the dictionary file should be copied to /usr/share/freeradius as described in the Configuring Free Radius on Linux Red Hat topic.
If Configuring a separate RADIUS server, copy the dictionary.dialogic file to same directory that the main dictionary file is located. (/opt/dialogic/common/radius in GCEMS)
Radius Prepaid Support Mode will be disabled if Radius Debug Mode is enabled. The two modes cannot be enabled at the same time.
Configuring a RADIUS Authentication Server (Optional)
The IMG only verifies if authentication is accepted or rejected by the RADIUS Server; it does not act on any other information returned by the server. Follow procedure below to configure the IMG to act as an Authentication Server.
Right-click on the Dialogic IMG EMS object and select New External Network Elements. This is a container object and no configuration is needed here. Refer to IMG 1010 - External Network Elements topic for more information on this topic.
Right click External Network Elements and select New Radius Servers. The Radius Servers object is a container object for multiple RADIUS servers to be configured under it. Refer to IMG 1010 - RADIUS Servers for more information on this topics.
Right-click Radius Servers and select New Radius Server.
Radius ID - This field is populated with next RADIUS Server ID. To modify, select a new ID from drop down menu.
Radius Server Name - Radius Server Name is populated with Radius_Server<Radius ID>. To modify the name, click in Radius Server Name and enter new name.
Radius Server Type - Select Authentication from drop down menu
Radius Server Data Format - The VSAs sent to external RADIUS server will use the Dialogic Vendor Format (3028).
Radius Server IP Address - Enter IP Address of Radius Server
Radius Server Port - Default Port is 1812. To modify, click in the Radius Server Port field and enter a new port number.
Radius Server UserName - Enter a Username that will be used in the RADIUS Access Request message to the RADIUS Server.
Radius Server Password - Enter a Password that will be used in the RADIUS Access Request message to the RADIUS Server.
Radius Server Authentication - Select from drop down menu either PAP or CHAP authentication method.
Radius Server Secret - Enter a text string (case sensitive) that is used to authenticate communication between a RADIUS server and a RADIUS client.
Refer to the IMG 1010 - RADIUS Server topic for more information on the object.
Configuring a RADIUS Accounting Server
In this case, only an Accounting Server is assigned to the RADIUS client. The RADIUS server configured for accounting utilizes various methods such as STOP and START times to track lengths of calls and can be used to track billing information for the call.
Right click on the Dialogic IMG EMS object in the Configuration Tree and select New External Network Elements. This is a container object and no configuration is needed here. Refer to IMG 1010 - External Network Elements topic for more information on this topic.
Right click on External Network Elements and select New Radius Servers. The Radius Servers object is a container object for multiple RADIUS servers to be configured under it. Refer to IMG 1010 - RADIUS Servers for more information on this topics.
Right-click on Radius Servers and select New Radius Server. See screen capture below.
Radius Server ID - This field is populated with next RADIUS Server ID. To modify, select a new ID from drop down menu.
Radius Server Name - Radius Server Name is populated with Radius_Server<Radius ID>. To modify the name, click in Radius Server Name and enter new name.
Radius Server Type - Select Authentication from drop down menu
Radius Server Data Format - The VSAs sent to external RADIUS server will use the Dialogic Vendor Format (3028).
Radius Server IP Address - Enter IP Address of Radius Server
Radius Server Port - Default Port is 1813. To modify, click in the Radius Server Port field and enter a new port number.
Radius Server UserName - Enter a Username that will be used in the RADIUS Access Request message to the RADIUS Server.
Radius Server Password - Enter a Password that will be used in the RADIUS Access Request message to the RADIUS Server.
Radius Server Authentication Type - Not Used if the Radius Server Type is set to Accounting
Radius Server Secret - Enter a text string (case sensitive) that is used to authenticate communication between a RADIUS server and a RADIUS client.
Refer to the IMG 1010 - RADIUS Server topic for more information on this object
Configuring a RADIUS Client
The IMG can be configured to be the client of a RADIUS Server/Client network. Once configured, the IMG will send VSA's back and forth to a configured RADIUS Server. One RADIUS Client object can be created per IMG since the IMG is the RADIUS Client.
Right-click on the Dialogic IMG EMS object in the Configuration Tree and select New Physical IMG. Refer to the IMG 1010 - Physical IMG topic for more information on this object.
Right-click on the IMG Name object and select New Radius Client. See screen capture below.
Radius Client Network Interface - The RADIUS Client Network Interface field is a drop down list displaying the IP addresses of each of the Ethernet interfaces configured on the rear of the IMG. Select which interface/IP Address will be used to communicate with the RADIUS Server.
Authentication Port - Default Port is 1812. To modify, click in the Radius Server Port field and enter a new port number.
Accounting Port - Default Port is 1813. To modify, click in the Radius Server Port field and enter a new port number.
Radius Server Debug Mode - Default setting is Off. Calls will not complete if external RADIUS server becomes unavailable. When Debug Mode is On, calls will be completed whether the RADIUS server is active or not.
Pre-Paid Support - The default is Disabled and the IMG will ignore data received in RADIUS Authentication Response messages. If enabled the IMG will act on data received.
Radius Time Format - Select the format the RADIUS CDRs will present the time as.
Primary Authentication Server - Select from drop down menu of configured RADIUS servers. This will be configured as the primary Authentication server. Only RADIUS servers configured as Authentication servers will be displayed in this list.
Secondary Authentication Server - Select from drop down menu of configured RADIUS servers. This will be configured as the secondary Authentication server. Only RADIUS servers configured as Authentication servers will be displayed in this list.
Primary Accounting Server - Select from drop down menu of configured RADIUS servers. This will be configured as the primary Accounting server. Only RADIUS servers configured as Accounting servers will be displayed in this list.
Secondary Accounting Server - Select from drop down menu of configured RADIUS servers. This will be configured as the secondary Accounting server. Only RADIUS servers configured as Accounting servers will be displayed in this list.
Refer to the IMG 1010 - RADIUS Client topic for more information on this object.