Idaptive Radius MFA

Hello! We would like to use PrivacyIdea as authentication provider for one app we have in process, the app need to have MFA and use Idaptive Radius for the second factor. We try to configurate from the WebUI, but its not working ( The logs says that the dictionary file not exists ).
We read several docs and forum and their always do referens to privacyidea-radius, but i read “PaloAlto Radius MFA” and it’s not clear if you have to or not install privacyidea-radius to use another Radius Server.
So is necesary to install privacyidea-radius?

Thank you. Regards. :slight_smile:

Welcome to privacyIDEA!
It helps a lot, when you quote (with a link) what you have read. Because there are a lot of things around one can read. E.g. I do not know where you have “Palo Alto…”… this sentence is of no use to me. (It probably was also of no use to you).

Hm I think we actually are missing one part in the documentation here:

You must not configure RADIUS in the privacyIDEA WebUI, that is for RADIUS servers, to which privacyIDEA will forward authentication requests. This would not be the RADIUS server you are talking about, which actually needs to send the auth request to privacyidea.

Yes, you need privacyidea-radius!

Hi Cornelinux! My bad. I forgot to include the link to discussion of Palo Alto.
I put the link to this anwser for in the future someone read this question can understend
https://community.privacyidea.org/t/paloalto-radius-mfa/1348

Thank you for the response and clarify me the issue to Radius.

Regards.

Hi Maria,

ok. This is simply a community post and not a real documentation.
We will add the required documentation to clarify this.
See https://github.com/privacyidea/privacyidea/issues/2448

I never heart of idaptive before (thought it was a typo :wink:
However, I created an image:

radius-server-chain

Bascially the “RADIUS client” would be your idaptive RADIUS server. It needs to forward requests to the privacyIDEA FreeRADIUS.
Regards
Cornelius

1 Like