The Remote Authentication Dial-In User Service (RADIUS) monitor verifies that an authentication server can perform an internal database lookup and respond to an authentication request. RADIUS is commonly used to provide authentication and authorization for dial-up, virtual private network, and wireless network access from a centralized server.
This monitor tests whether the RADIUS server can respond to an authentication request by analyzing the round-trip time of a request. The monitor transmits the user credentials and connection parameters in a RADIUS message to the RADIUS server. It waits for the RADIUS server to authenticate and authorize the access request. After it receives the authentication, it validates the RADIUS message response. If the service does not respond within your maximum test duration value, the test fails.
The RADIUS monitor tests the RADIUS server to verify its availability and responsiveness. It does not log in to the RADIUS server using the account information provided during the initial configuration. It tests the authentication server to ensure it can perform an internal database lookup and respond to an authentication query.
Depending on your RADIUS solution, you may not need to provide account or secret information. If you provide invalid account information, your authentication solution may send negative responses instead of quietly discarding the requests. If this occurs, ipMonitor accepts that the service is available.
Create a RADIUS monitor
- Click Devices in the toolbar.
- Locate and click the targeted device you want to monitor.
In the toolbar, click Add > Add New Monitor.
- In the Select Monitor menu, click RADIUS.
Under Identification, enter information about the monitor.
Enter a name in the Monitor Name field using up to 64 characters. This name will appear in the monitor list, monitor status, log files, and your reports.
You can change this name later, if necessary. ipMonitor does not use this field to internally identify this monitor.
Select Enabled to enable the monitor.
When enabled, the monitor tests the specified resource using the settings you enter under Test Parameters. You can disable the monitor later if required.
- Select Store Monitor Statistics for Recent Activity and Historical Reports to enable this functionality.
Under Test Parameters, enter the monitor testing parameters.
Enter the IP address or fully qualified domain name of the RADIUS device you want to monitor. For example:
- Enter the UDP port that the target printer responds on during a query. This field may be automatically populated for you.
Click Select and choose or create a credential for the monitor.
Under Timing, configure the fields for the monitor testing states.
- In the Maximum Test Duration field, enter the maximum test duration rate (in seconds) that the monitor times out before the test is considered a failure.
In the remaining fields, enter the number of second between each test while the monitor is in an OK state (Up), a failed state while alerts are processed (Down), and a failed state and the maximum number of alerts have been processed (Lost).
In the Lost state, no additional failure alerts are processed. However, a recovery notification is sent if the monitor recovers.
Under Notification Control, complete the fields to determine how many test failures must occur before an alert is sent.
- Enter the number of test failures that occur for each alert before ipMonitor generates an alert for the monitor. The default option is 3.
Enter the maximum number of alerts to send before the monitor enters a Lost state.
The monitor must be assigned to a notification alert to generate an action.
Under Recovery Parameters, complete the fields to indicate the corrective action used to automatically restore a resource using the External Process Recovery, Reboot Server Recovery, or Restart Service Recovery action.
- Enter the Fully Qualified Domain Name (FQDN), NetBIOS, or IP Address of the machine hosting the service that needs a restart or the machine that needs a restart. You can also click Browse to locate and select the machine.
- Select the set of credentials used by the recovery alert. You can select a specific credential to execute recovery alerts that require access to restricted resources, such as Reboot Server, Restart Service, or External Process.
- Select the list of services to restart on the target machine specified in the FQDN/NetBIOS/IP Address field. This field is only required for the Restart Service alert. If a service has dependencies, select all dependent services.
- Click OK.