The RADIUS module accepts properly formatted "Access-Request" requests from RADIUS clients, retrieves the User-Name and User-Password attributes and tries to find the specified CommuniGate Pro Account and verify its password. If the password can be verified and the Account and its Domain both have the RADIUS Service enabled, a positive response is sent to the RADIUS client, otherwise a negative response with the error code text is sent.
If the CommuniGate Password option is enabled for the specified Account, the RADIUS module checks if the Account has the RADIUSPassword setting. If it exists, it is used instead of the standard Password setting. This feature allows an Administrator to assign a alternative Account password to be used for the RADIUS authentication only.
Note: clients authenticating via RADIUS do not use any network address on the Server, and Secondary Domain users should specify their full Account name (account@domain), or should specify a name that is routed to their Account using the Router. Because the Router is used to process the User-Name attribute, account aliases can be used for authentication, too. See the Access section for more details.