Configure remote authentication through RADIUS

The ExtraHop appliance supports Remote Authentication Dial In User Service (RADIUS) for remote authentication and local authorization only. For remote authentication, the ExtraHop appliance supports unencrypted RADIUS and plaintext formats.

  1. Log into the Admin UI on the ExtraHop appliance.
  2. In the Access Settings section, click Remote Authentication.
  3. From the Remote authentication method drop-down list, select RADIUS and then click Continue.
  4. On the Add RADIUS Server page, type the following information:
    The hostname or IP address of the RADIUS server. Make sure that the DNS of the ExtraHop appliance is properly configured if you specify a hostname.
    The shared secret between the ExtraHop appliance and the RADIUS server. Contact your RADIUS administrator to obtain the shared secret.
    The amount of time in seconds that the ExtraHop appliance waits for a response from the RADIUS server before attempting the connection again.
  5. Click Add Server.
  6. (Optional): Add additional servers as needed.
  7. Click Save and Finish.
  8. From the Permission assignment options drop-down list, choose one of the following options:
    • Remote users have full write access

      This option allows remote users to have full write access to the ExtraHop Web UI.

    • Remote users have full read-only access

      This option allows remote users to have read-only permissions to the ExtraHop Web UI.

      Note:You can add read-write permissions on a per-user basis later through the Users page in the Admin UI.
    • Remote users can view connected appliances

      This option, which only appears on the Command appliance, allows remote users to log into the Admin UI on the Command appliance and view any connected Discover, Explore, and Trace appliances.

  9. Select one of the following options to allow remote users to download packet captures and SSL session keys.
    • No access
    • Packets only
    • Packets and session keys
  10. Click Save and Finish.
  11. Click Done.
Published 2022-05-26