View Categories

Administration

Entrypoint RADIUS Proxy provides centralized configuration and monitoring for RADIUS proxy operations.
Administrators can create and manage proxy contexts, configure remote RADIUS servers, define attribute policies, and integrate with network infrastructure over secure RadSec connections.
All management functions are available through the Entrypoint Admin Portal.

Context Creation #

The “Create RADIUSaaS Context” functionality within the Entrypoint administrative portal empowers organizations to effortlessly configure and manage secure network authentication contexts. Through a streamlined and user-friendly interface, administrators can quickly set up contexts tailored specifically to their organization’s requirements.

  • Context Type Selection: EntryPoint 2.0 (RADIUS Proxy / eduroam)

  • Context Name: Clearly define each context with a custom name, enhancing clarity, organization, and ease of future management.

  • Context Description: Provide supplementary context details or documentation, facilitating better internal communication and easier auditing.


Context Configuration #
Basic Configuration #

Default Device Group

  • Automatically associates newly connected devices with the Default Device Group within the context.
  • Provides immediate visibility of default device assignments and attribute associations.
  • Simplifies device organization and attribute application through group-based management.

 

Context Management

  • Clearly displays the context name, enabling straightforward renaming to align with organizational naming conventions.
  • Allows administrators to update or extend the description for documentation and traceability.
  • Supports deletion of entire contexts, with explicit warnings to prevent accidental data loss.
    Ensures deletion actions clearly indicate all affected elements — including groups, users, integrations, and attribute profiles — before confirmation.

 

Remote RADIUS Server

  • Allows configuration of the remote (upstream) RADIUS server used for authentication and accounting.
  • Provides input fields for remote hostname, authentication port, accounting port, and RadSec port if applicable.
  • Supports definition of a RADIUS Secret for secure communication between proxy and remote server.
  • Enables full RadSec configuration, including:
    • Activation of RADIUS over TLS (RadSec) for encrypted connections
    • Upload and management of trusted certificate authorities (CA)
    • Assignment of organizational or public certificates to the proxy server
    • Ensures validated and secure RADIUS message exchange with external systems.
#
Attribute Profiles #

  • Attribute Profile Creation: Users can create attribute profiles by specifying unique profile names, clear descriptions, and defining attribute types and values through structured dropdown menus.

  • Structured Attribute Display: Attributes are displayed in a standardized format, highlighting vendor-specific attribute-value pairs (e.g., Cisco AV-pairs such as security-group tags or private-group identifiers) for clear identification and integration.

  • Profile Management and Modification: Existing profiles can be edited or deleted directly from the interface, providing administrators with precise control over attribute profile management.

  • Enhanced Traceability: Profile creation timestamps are recorded, supporting traceability, compliance auditing, and operational transparency.

Network Integration #
Basic Settings #

  • View and configure the RADIUS Hostname for network identification.

  • Specify the RADIUS client secret, a critical component for ensuring secure communication between the RADIUS server and clients.

  • Enable and configure RADIUS Server Accounting with recommended interim update intervals to maintain accurate and timely session records.

RADIUS Server Certificate #

  • Certificate Overview: View currently active server certificates, including issuer and expiration dates.

  • Certificate Management: Upload, replace, or manage RADIUS server certificates issued by recognized Certificate Authorities (e.g., GoDaddy).

  • Download Certificates: Administrators can conveniently download server certificates for record-keeping, backup, or integration purposes.

  • Update Functionality: Easily upload and manage new or updated server certificates, ensuring continuous secure authentication operations.

RadSec #

  • RadSec Activation: Enable or disable RadSec functionality, which secures RADIUS communications by leveraging TLS for data encryption and integrity.

  • Trusted Certificates: View and manage certificates from trusted entities authorized for RadSec-protected interactions, ensuring secure and authenticated communication.

  • Certificate Handling: Efficiently upload, update, or download RadSec trusted certificates, supporting secure integration with specific network infrastructure, such as Cisco Meraki environments.

Configure RADIUS Access Restrictions #

  • Define permitted IP ranges that can access the RADIUS service by specifying IP addresses in CIDR notation.

  • Maintain robust security by strictly limiting access to trusted IP addresses, or, if necessary, configure for unrestricted public access.

  • Update and apply the configured IP access filters immediately to reflect policy changes.


Group Configuration and Overview #
Default Group Overview #
  • A Default Device Group is automatically assigned to all devices connecting to the network.

  • Monitor Group Assignments: View and manage devices connected to the network, with detailed information including device status, MAC address, connected network, last seen timestamp, device description, connected access point, connection type, and IPv4 address.

  • Default Group Search and Filtering: Capability to search or filter devices by description, MAC address, or location for focused management or troubleshooting.

  • Audit Logging: Track creation dates of groups for compliance and governance purposes.

Default Group Configuration
 #
Connected Devices #

  • Device Overview: View and manage devices connected to the network, with detailed information including device status, MAC address, connected network, last seen timestamp, device description, connected access point, connection type, and IPv4 address.

  • Search and Filtering: Capability to search or filter devices by description, MAC address, or location for focused management or troubleshooting.

Group Settings #

  • Attribute Profiles Management: Selection and application of predefined attribute profiles to configure access policies and settings specific to user groups.

  • Group Identification Management: Configuration of the group name and options to update or remove the group entirely.

Netgraph
Powered by  GDPR Cookie Compliance
Cookie Overview

What are cookies?

Cookies are small text files consisting of letters and numbers. These are sent from Netgraph Sverige AB or our partners' web servers and stored on your device (for example, computer or mobile). They can be stored in two different ways.

Session cookies are temporary cookies that disappear when you close your browser or app.
Persistent cookies are cookies that remain on your computer until you delete them or until they expire.

Different types of cookies

Both our website and others, such as Facebook or Google, may place cookies on your computer when you visit this website. Cookies from the website you are visiting are called first-party cookies and cookies from other websites are called third-party cookies.

Other files, similar to cookies, are web beacons and similar technologies. Web beacons are small transparent graphic images that may be contained in emails we send to you.

Why do we use cookies?

We use cookies to make your visit to our website as enjoyable as possible, and to improve it even more. However, we do not store IP numbers or similar personal data about you.

Functionality cookies improve your experience

We store cookies about the pages you have visited to make your experience on our website as smooth as possible. For example, we can prevent you from seeing a pop-up window more than once.

Analytics cookies help us to make our website better

We use cookies to collect aggregate analytical information about how you use the site, such as statistics on our most popular pages. With the information we get, we can improve our web and our offers.

Deleting cookies

Your browser or device usually allows you to set which cookies can be stored on your computer. For example, you can choose to block all cookies, only accept cookies from the website you are visiting or delete all cookies when you close your browser. Look under Settings.

Questions?

Do you have any questions about how we use cookies? You can always reach Netgraph Sverige AB's data protection officer at info@netgraph.se

This information was updated on August 26, 2024.