Book Demo!

˂ Return to FAQ

RADIUS based MFA – How to Configure in XTAM

XTAM supports integration with MFA providers that utilize the RADIUS Authentication protocol. This FAQ article will describe how to proceed with the configuration in XTAM, but please note that you will need to know the specific values to use. If you do not know the specific configuration of your RADIUS based provider, please contact your Administrator or the Vendor for further assistance.

Pre-requisite: XTAM must be deployed with and configured to use its Federated Sign-In component in order to integrate with multi-factor authentication providers.

1

Configure XTAM with the Federated Sign-In module and ensure that it is working properly.

2

Log on to the XTAM host computer.

3

Stop the PamManagement (Windows) or the pammanager (Linux) service. XTAM will be offline until this procedure is completed.

4

Open the file <XTAM_HOME>/web/conf/catalina.properties and add the following lines to this file, inputting your MFA specific values (marked in red bold) where applicable:

cas.authn.mfa.globalProviderId=mfa-radius
 
cas.authn.mfa.radius.client.sharedSecret=secret
cas.authn.mfa.radius.client.authenticationPort=1812
cas.authn.mfa.radius.client.accountingPort=1813
cas.authn.mfa.radius.client.inetAddress=localhost
cas.authn.mfa.radius.server.protocol=CHAP  (options include PAP, CHAP, MSCHAPv1, MSCHAPv2, EAP-MD5, EAP-MSCHAPv2)

Please talk with your RADIUS or Network Administrator to learn what values should be set for the XTAM configuration.

If you wish to enable different MFA providers for individual users or group, please read this article for additional information.

5

When complete, save and close this file.

6

Start the PamManagement (Windows) or the pammanager (Linux) service and try your RADIUS two-factor authentication login.

 
 

Copyright © 2020 Xton Technologies, LLC. All rights reserved.