SyferLock Help Center

PaloAlto RADIUS Integration

The Authentication Profiles available on the PaloAlto device limit the usage of the GridGuard server (virtual appliance) to only RADIUS. Therefore, a RADIUS Server Profile must be created on the PaloAlto device.

Create RADIUS Profile

Create RADIUS Profile

Create RADIUS Profile
  1. Navigate to Device->Server Profiles->RADIUS
  2. Click on Add

Setup Profile Name

Setup Profile Name

This step creates the RADIUS Server profile for GridGuard.   The Secret is used as an authentication key to secure traffic between the PaloAlto device and the GridGuard server (virtual appliance), and is the same as entered on the RADIUS configuration screen on the GridGuard virtual appliance.

  1. Give the Profile a name (e.g., 'GridRadiusProfile')
  2. Click Add
  3. Enter RADIUS server details
    (RADIUS Server is FQDN of GridGuard virtual appliance, Secret is used on the GridGuard virtual appliance)

Create RADIUS Authentication Profile

Add RADIUS profile

Add RADIUS profile

Once the Server Profile is created, an Authentication Profile must be created that uses that server definition.

  1. Navigate to Device->Authentication Profile
  2. Click Add

Set Profile Details

Set Profile Details

When creating the Authentication Profile, if you plan on using Active Directory groups for Access Control Group, make sure that the User Domain is set to the correct domain.  This ensures that the mapping of user to domain is done correctly.  User or Group Assignment may also be done under the Advanced tab in this dialog if you want to limit the RADIUS profile itself.

  1. In the Dialog, give it a name (e.g., "GridRadius").
  2. If you plan to use LDAP groups to authorize users, make sure to set this value to the Active Directory domain that is used.
  3. On the Advanced tab, set either to 'all', or to whatever group/users can use this authentication profile.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk