Steel Belted Radius Carrier 7.0 Administration and Configuration Guide > Administering RADIUS Tunnels > Configuring RADIUS Tunnels

Configuring RADIUS Tunnels

The Tunnels panel (Figure 50) lets you configure Steel-Belted Radius Carrier to support tunnels. When you add a tunnel entry, you are not creating a tunnel; you are enabling Steel-Belted Radius Carrier to support an existing tunnel's authentication and accounting needs and specifying how the server should parse tunnel names.

Figure 50: Tunnels Panel

Adding a Tunnel

To add a tunnel entry:

1. Choose Tunnels > Tunnels in the sidebar.
2. Click the Add button in the Steel-Belted Radius Carrier toolbar.

The Add Tunnel dialog (Figure 51) opens.

Figure 51: Add Tunnel Dialog

3. Enter the name of the tunnel name in the Name field.

Tunnel names do not need to match the actual node name of a client tunnel server. The name you assign to a tunnel must not match the name assigned to a proxy target, realm, or tunnel in your Steel-Belted Radius Carrier configuration.

4. Enter a description of the tunnel in the Description field.

Tunnel descriptions are used only for administrative purposes and do not affect tunnel connections. This field is typically used to identify the user or organization that uses the tunnel.

5. Associate attributes and values with the tunnel you are setting up.

When a tunnel is used to make a connection, the attributes associated with the tunnel are filtered according to the make/model of the RADIUS client used to establish the connection.

To associate attributes and values with a tunnel:

1. Click the Add button below the Attributes list.

The Add Tunnel Attribute dialog (Figure 52) opens.

Figure 52: Add Tunnel Attribute Dialog

1. Select the attribute you want to add from the Attributes list.
2. Specify the string or IP address you want to use for the attribute value.
3. Click Add.
4. When you finish adding attributes for the tunnel, click Close.

6. Optionally, specify one or more Called Station IDs for the tunnel.

A Called Station ID is a telephone number that was dialed to make a network connection. The Called station ID list identifies the Called-Station-Id attribute values that the server expects to find in tunnel connection requests.

To add one or more Called Station ID numbers for a tunnel:

1. Click the New button to the right of the Called Station ID list.

The Add Called Station ID dialog (Figure 53) opens.

Figure 53: Add Called Station ID Dialog

1. Enter the number you want to use in the Called station ID field.
2. Click Add.

Repeat Steps a-c until you have added all called station IDs for the tunnel.

1. When you are finished adding called station IDs, click Close.

7. If you want to limit the number of connections that can use the tunnel simultaneously, click the Maximum open tunnels check box and enter the maximum number of tunnels in the Maximum open tunnels field.
8. Click OK.

Editing a Tunnel

To edit a tunnel entry:

1. Choose Tunnels > Tunnels in the sidebar and select the tunnel you want to edit. Click Edit.

The Edit Tunnel dialog (Figure 54) appears.

Figure 54: Edit Tunnel Dialog

2. Modify the settings for the tunnel as appropriate.
3. Refer to Adding a Tunnel142 for information on how to use the fields and controls on the Edit Tunnel dialog.
4. When you are finished, click OK.

Deleting a Tunnel

To delete a tunnel entry from the Steel-Belted Radius Carrier database:

1. Choose Tunnels > Tunnels in the sidebar.
2. Select the tunnel you want to delete and click the Delete button on the Steel-Belted Radius Carrier toolbar (or right-click the entry and choose Delete from the context menu that appears).
3. When the Confirm Delete dialog opens, click Yes.

Configuring Tunnel Name Parsing

Tunnel name parsing lets Steel-Belted Radius Carrier determine whether the name string provided by a user includes a tunnel name by looking for the character configured as the delimiter for tunnel information. Tunnel name parsing options apply to all tunnels maintained by Steel-Belted Radius Carrier. You cannot set name parsing options for individual tunnels.

To configure tunnel name parsing:

1. Choose Tunnels > Name Parsing in the sidebar.

The Name Parsing dialog (Figure 55) appears.

Figure 55: Tunnel Panel: Name Parsing

2. Click one of the following radio buttons:

• None—Tunnel name parsing is not supported. If you choose this option, the tunnel authentication sequence is bypassed for each Access-Request; the server uses the standard username/password authentication sequence only.
• Tunnel name is prefix—If the tunnel delimiter character is detected, the User-Name is assumed to be TunnelName<PrefixDelimiter>User.
• Tunnel name is suffix—If the tunnel delimiter character is detected, the User-Name is assumed to be User<SuffixDelimiter>TunnelName.

The option you choose applies to all tunnels defined on the server.

3. If you clicked Tunnel name is prefix or Tunnel name is suffix, use the Parsing delimiter field to specify the character used to separate the tunnel name and the username.

The default delimiter character for tunnel name parsing is @.

NOTE: Choose different delimiter characters and different prefix/suffix name parsing conventions for tunnels and for proxies or realms.