Configure the RADIUS Security Provider Settings


This field displays the name you assigned to this configuration.

Service Type

This field displays the service type you selected on the previous page.

Server Type

This field displays the type of server for which you are configuring this connection.

Keep Display Name Synchronized with Remote System

If this option is selected, the display names of users authenticating against this security provider will always match the display names pulled from the directory store. If this option is deselected, display names can be edited locally on the Bomgar Appliance.

RADIUS Host Address

Specify the hostname or IP address of the server that houses your external directory store.

RADIUS Authentication Port

Specify the authentication port for your RADIUS server. This is typically port 1812.

RADIUS Shared Secret

Provide a new shared secret so that your Bomgar Appliance and your RADIUS server can communicate.

Timeout (Seconds)

Set the length of time to wait for a response from the server. Note that if the response is Response-Accept or Response-Challenge, then RADIUS will wait the entire time specified here before authenticating the account. Therefore, it is encouraged to keep this value as low as reasonably possible given your network settings. An ideal value is 3-5 seconds, with the maximum value at three minutes.

Only Allow the Following Users

You can choose to allow access only to specified users on your RADIUS server. Enter each username separated by a line break. Once entered, these users will be available from the Add Policy Member dialog when editing group policies on the /login > Users & Security > Group Policies page.

If you leave this field blank, all users who authenticate against your RADIUS server will be allowed; if you allow all, you must also specify a default group policy.

Default Policy

Each user who authenticates against an external server must be a member of at least one group policy in order to authenticate to your Bomgar Appliance, logging into either the /login interface or the representative console. You can select a default group policy to apply to all users allowed to authenticate against the configured server.

Note that if a default policy is defined, then any allowed user who authenticates against this server will potentially have access at the level of this default policy. Therefore, it is recommended that you set the default to a policy with minimum privileges to prevent users from gaining permissions that you do not wish them to have.

Note: If a user is in a default group policy and is then specifically added to another group policy, the settings for the specific policy will always take precedence over the settings for the default, even if the specific policy is a lower priority than the default, and even if the default policy's settings are set to disallow override.

If you chose to allow all users in the previous step, you are required to designate a default policy. If no default policy is defined, then you must individually assign explicitly allowed RADIUS users to group policies.

Click Add Server to save this security provider configuration.

Configure RADIUS Server