Quick Start

When using ClearBox, you should be aware of its concepts:

• RADIUS clients
• Realms (authentication, authorization, accounting rules)
• Wireless authentication settings
• Data sources
• Remote RADIUS servers
• State servers

Add new necessary nodes and define their settings before you start the server. You may use the default settings or change them completely according to the tasks ClearBox should perform.

Run Configurator from the Start menu.

In order to create a new node of some type (such as remote server, client, realm, data source), select an appropriate category in the left tree and then right-click it. Select a "Create new..." from the menu, then give an ID (unique name) to the new item and press <Enter>. Edit node settings (press F1 for help on each node type), click Apply Changes on each tab where you have made any changes. Click File menu and select Save when all changes in the server configuration are done. ClearBox Enterprise Server reloads them automatically.

Possible Configuration Steps

1. Plan what data sources (any kind of a database) will be used as back-end to store user accounts, accounting logs or any other information required by the server. If none is planed, skip this step. You may use the default MS Access database shipped with the server, or configure a new data source. Read more about it.

2. Add a new entry for each RADIUS client which will send requests to ClearBox Server. Read more about it. The default list contains the local client address (127.0.0.1) with the shared secret 'secret' for testing server with Client Tool.

3. Decide whether ClearBox will forward RADIUS requests to another remote RADIUS server. If it won't, skip the step, otherwise create new entries for each remote RADIUS server. Read more about it.

4. Plan the number of different request processing patterns. For example, you may need to authenticate some requests against a database while other against Windows Active Directory. Create a new realm for each processing pattern. If all the requests should be processed in the same manner, you may leave the only one 'def' realm present in the default configuration. Read more about it.

For each realm you may edit the following settings:

a) Define by what rule should the server pick up a realm to process a request. If there's only one realm, it may be marked as 'default', and no rules are necessary. If there are two or more realms, you should specify the realm selection conditions (matching by user name, client IP address or some set of RADIUS attributes). Read more about it.

b) Define how the server authenticates a user. Select the back-end: whether it's a database, LDAP server, Windows domain/group, another RADIUS server. Read more about it.

c) Decide if the server should reply with any RADIUS attributes or check any attributes in the request message. If it should, configure authorization settings. Read more about it.

d) Plan how you need to store accounting data received by ClearBox. Select what storing methods and their configuration. The default configuration writes the information to the [Accounting] table in general.mdb and logs it to the file. Read more about it.

e) For wireless authentication, define what security protocols are allowed. Read about it.

5. Check if you need to limit the number of concurrent user sessions. If you don't, skip this step. This capability requires a configured 'state server'. The default state server uses MS Access database to store active sessions information. You may use it, change its settings or add your own state server. Read more about it.

You don't have to restart the server after making changes to its configuration, ClearBox reloads it automatically.

Configurator automatically uses the default configuration file config.xml located in (<installation root folder>\AAA) and containing the configuration of the server. When you migrate from one system to another, you ay move almost all ClearBox setting with this file.

We discourage you from editing the configuration file manually, as you can damage it.

You may open other configuration files (click File menu, Open... or press Ctrl + O) and/or save them to locations other then the default one (click File menu, Save As...).

One of the most powerful features of ClearBox Enterprise Server is its ability to store the server configuration in a data source. Configuration xml file stores then only the information about that data source, while all the information (about clients, realms, etc.) is stored in database tables. Read more.