View Categories

Requirements & Dependencies

Entrypoint RADIUS Proxy operates as a managed RADIUS proxy and forwarding service.
It depends on functional upstream RADIUS servers, network reachability, and properly configured client infrastructure to ensure successful authentication and accounting transactions.
This section describes the technical and operational requirements for using the Entrypoint RADIUS Proxy service.

#
Network Requirements #

Requires IP connectivity between network infrastructure (NAS devices) and the Entrypoint RADIUS Proxy endpoints.

#
Authentication Dependencies #

Requires an operational upstream RADIUS for forwarding authentication requests.
Supports standard RADIUS methods when used as a proxy.
Relies on correct shared secret configuration between Entrypoint RADIUS Proxy and remote RADIUS servers.

#
RadSec Requirements #

RadSec (RADIUS over TLS) requires valid X.509 certificates on both client and server sides.
Certificates must be signed by a trusted CA — either internal (organization-issued) or external (public CA).
Clock synchronization is required on all devices to validate certificate expiration dates (e.g., via NTP).

Operational Requirements #

Upstream RADIUS servers must be reachable and responsive for successful proxy operation.

Summary of Customer Responsibilities #
Configuration Area Customer Requirements
Upstream RADIUS Maintain an operational RADIUS or Identity Provider (IdP) service to which Entrypoint RADIUS Proxy can forward authentication and accounting requests. Ensure reachable endpoints, correct shared secrets, and valid response handling.
Remote RADIUS Configuration Provide hostname, ports, and secrets for the upstream RADIUS server. Verify that the server accepts requests from the Entrypoint RADIUS Proxy FQDN.
Certificate Requirements Maintain valid CA-signed or organization-issued certificates when using RadSec. Ensure certificate expiration monitoring and renewal processes are in place.
RADIUS Server Certificate Optionally upload a Bring-Your-Own-Certificate (BYOC) for RadSec communication, or use the Entrypoint-provided managed certificate.
RadSec (RADIUS over TLS) Enable RadSec if encrypted communication is required. Provide a valid certificate, verify trusted CAs, and ensure network device compatibility with RFC 6614.
TLS Version Requirement ✅ Only TLS 1.2 or higher is supported for all RadSec communications.
Network Access Ensure IP connectivity between access infrastructure (controllers, switches, gateways) and Entrypoint RADIUS Proxy.
Firewall Rules Allow bidirectional communication between customer infrastructure and Entrypoint RADIUS Proxy endpoints.
Message-Authenticator All RADIUS clients (e.g., wireless controllers, switches, VPN gateways) must include a valid Message-Authenticator attribute in authentication requests. Requests missing or incorrectly computed attributes will be rejected.
DNS and NTP Dependencies Ensure network devices can resolve Entrypoint hostnames and maintain accurate system time for certificate validation.

Netgraph
Powered by  GDPR Cookie Compliance
Cookie Overview

What are cookies?

Cookies are small text files consisting of letters and numbers. These are sent from Netgraph Sverige AB or our partners' web servers and stored on your device (for example, computer or mobile). They can be stored in two different ways.

Session cookies are temporary cookies that disappear when you close your browser or app.
Persistent cookies are cookies that remain on your computer until you delete them or until they expire.

Different types of cookies

Both our website and others, such as Facebook or Google, may place cookies on your computer when you visit this website. Cookies from the website you are visiting are called first-party cookies and cookies from other websites are called third-party cookies.

Other files, similar to cookies, are web beacons and similar technologies. Web beacons are small transparent graphic images that may be contained in emails we send to you.

Why do we use cookies?

We use cookies to make your visit to our website as enjoyable as possible, and to improve it even more. However, we do not store IP numbers or similar personal data about you.

Functionality cookies improve your experience

We store cookies about the pages you have visited to make your experience on our website as smooth as possible. For example, we can prevent you from seeing a pop-up window more than once.

Analytics cookies help us to make our website better

We use cookies to collect aggregate analytical information about how you use the site, such as statistics on our most popular pages. With the information we get, we can improve our web and our offers.

Deleting cookies

Your browser or device usually allows you to set which cookies can be stored on your computer. For example, you can choose to block all cookies, only accept cookies from the website you are visiting or delete all cookies when you close your browser. Look under Settings.

Questions?

Do you have any questions about how we use cookies? You can always reach Netgraph Sverige AB's data protection officer at info@netgraph.se

This information was updated on August 26, 2024.