RADIUS Two-Factor and LDAP Authentication
This article relates to LoadMaster firmware version 7.2.52.
In LoadMaster firmware version 7.2.52, support was added for RADIUS two-factor and LDAP authentication. To configure this:
- Select RADIUS and LDAP as the Authentication Protocol when adding or modifying a client-side Single Sign On (SSO) domain in Virtual Services > Manage SSO. If the RADIUS server is configured to use two-factor authentication, the LoadMaster will detect this automatically and perform RADIUS two-factor authentication.
- Set the LDAP Endpoint and RADIUS Server(s) for this SSO domain.
The LoadMaster uses the credentials specified for the LDAP Endpoint configuration to contact the RADIUS and LDAP servers and verify client SSO credentials. So, these administrative credentials must be configured on all the RADIUS and LDAP servers in the domain.
- Select Exchange or Blank as the SSO Image Set in the ESP Options section of the Virtual Service Modify screen.
- Set the other parameters as appropriate for your configuration.
For further details on RADIUS authentication in general, refer to the Long Term Support (LTS) RADIUS ESP Authentication Feature Description.
For further details on the Edge Security Pack (ESP) in general, refer to the LTS ESP Feature Description.