I currently have a wireless system (aerohive) that is also supplying the radius server (built into a aerohive AP).
Currently when looking at logs/reports/etc. in web protection all my "users" are either dns hostnames (ex. computer123.mydomain.com) or IP addresses (ex 10.4.1.1.mydomain.com).
Should I not be able to add my aerohive radius server in sophos utm as a authentication server, create a dynamic usergroup with the backend membership being that radius server so those ip's now become usernames?
My current issue is actually adding the radius server.
The server is the correct IP host for the aerohive AP.
The port I have in the UTM matches the radius server port of 1812.
The shared secret matches. When I "test" I receive "Error: bad response authenticator"
--> Live log:
2015:03:17-15:49:23 HS1ASG aua[30862]: id="3006" severity="info" sys="System" sub="auth" name="Spawned child for authentication test"
2015:03:17-15:49:23 HS1ASG aua[30862]: id="3006" severity="info" sys="System" sub="auth" name="Bind test request: radius"
2015:03:17-15:49:23 HS1ASG aua[30862]: id="3006" severity="info" sys="System" sub="auth" name="Bind test failed. Method: radius, error: DENIED
2015:03:17-15:49:23 HS1ASG aua[30862]: bad response authenticator"
Any ideas?
[:S]
This thread was automatically locked due to age.
