The SafeNet Agent for FreeRADIUS is a highly secure, enterprise authentication agent that enables RADIUS clients to communicate with SafeNet Authentication Service Private Cloud Edition (SAS PCE) and SafeNet Trusted Access (STA) using SSL/TLS.

This document explains in detail how to install and configure FreeRADIUS agent to authenticate against SAS PCE or STA.

The agent uses an encrypted key file to communicate with the SafeNet server. This ensures that all authentication attempts made against the server are from valid recognized agents. To accomplish this, a key file is generated at the SafeNet server and provided or loaded at the agent.

Authentication flow

The following steps broadly depict the flow of actions for the agent solution:

1. The client sends an authentication request to the FreeRADIUS agent.

2. The FreeRADIUS agent sends a web-service request to the SafeNet server.

3. If authentication is successful, SafeNet server returns an affirmative response to the FreeRADIUS agent.

4. The FreeRADIUS agent sends acceptance of the authentication request to the client.

   

Compatibility

The information in this document applies to:

SafeNet servers

• SafeNet Authentication Service Private Cloud Edition (SAS PCE) 3.7 and later

• SafeNet Trusted Access (STA)

Supported Platforms

• Red Hat Enterprise Linux 7.3

• Red Hat Enterprise Linux 8.3

• CentOS 7.3

• CentOS 8.3

Supported RADIUS Protocols

• PAP

• MSCHAP-v2

• PEAP

Supported LDAP Server for on-prem password validation

• Microsoft Active Directory