Create Network Range and Modify Policy
To limit RADIUS authentication to clients in a specific network, we have to create a networks range and modify the default policy to use RADIUS for this specific range we create. We will be logging in from a Windows 10 Desktop in the Instant Clone pool so will use that network range to use to login with RADIUS authentication.
Add Network Range
Click Add Network Range
Define the Network Range
- Enter RADIUS Test as 'Name' for the network range
- Provide a description RADIUS Test (optional)
- Enter 192.168.100.1 as 'From'
- Enter 192.168.100.255 as 'To'
- Click Save
This will add all the 192.168.100.xxx IP addresses to the RADIUS Test network range and will include our test VM.
Verify the new network range has been added
- Verify RADIUS Test IP Address Range was created
- Close the Network Ranges Window
Edit the default Policy
Add Policy Rule
Click Add Policy Rule
We will add a policy to use RADIUS for our newly created network range test
Configure Policy Rule
- Select RADIUS Test from dropdown menu for "If a user's network range is"
- Select Web Browser from dropdown menu for "and user accessing content from"
- Select RADIUS from dropdown menu for "then the user may authenticate using"
- Select Password from dropdown menu for "If the preceding method fails or is not applicable, then"
- Scroll Down
- Click on Advanced Properties
Besides setting the time after which a user has to re-authenticate, you can configure a Custom Error Message, Custom Error Link Text and a Custom Error Link URL, where you could guide the user to a how-to document or further information on how to resolve any issues with authentication.
Please take a minute to look at all the different and authentication method options, allowing you to setup different authentication methods for different devices/access methods and locations (based on network range). You can also combine multiple authentication methods if you need more than 2-factor authentication.
- Click Save
Change Policy Rule Order
- Hover the mouse cursor over Radius Test until the cursor changes, then click on Radius Test and keep the button pushed
- Drag the rule all the way to the top
- Release the Radius Test Policy Rule