Ask AI
All Categories
Product Information
Getting Started: RADIUS Server

Getting Started: RADIUS Server

Last updated on April 29, 2026

RADIUS Enhancements in Evo Portal

We’ve introduced several powerful updates to RADIUS within the Evo Portal, giving you greater control, visibility, and flexibility when managing your RADIUS infrastructure. This article outlines all new capabilities and what they mean for your deployment.

Supported Authentication Methods

Evo’s RADIUS service supports the following authentication methods, depending on the use case: VPN Authentication

  • PAP (Password Authentication Protocol)
  • MS-CHAPv2 (Microsoft Challenge-Handshake Authentication Protocol v2)

Wi-Fi Authentication

  • MS-CHAPv2 (Microsoft Challenge-Handshake Authentication Protocol v2)

Note: RADIUS for Wi-Fi is supported across all directory sources. For newly configured LDAP directories, users must complete at least one successful authentication through Evo Security before the account can be utilized.

Note: Multi-Factor Authentication (MFA) is currently supported for VPN integrations. However, MFA is not supported for Wi-Fi deployments at this time, as most network infrastructure and devices do not natively support MFA within the authentication flow.

Provision RADIUS Servers from the Portal

You can now provision RADIUS servers directly within the Evo Portal, no external requests or manual setup required.

Under your desired Tenant navigate to Endpoints → RADIUS

Notion image

Click the New+ button on top right to being to submit your RADIUS request

Notion image

Fill out the required information:

  1. Select your tenant & directory
  1. Provide a Server Name
  1. Add Client: Client IP addresses must be added here in order to reach the RADIUS server through its firewall. Add valid source addresses here. This step is optional—you can add or change clients later by editing the server.
      2. Notion image
  1. Copy Shared Secret  NOTE: This Shared Secret should be stored and saved as it will not be accessible after creation

Click Save when finished Note: Server provisioning is typically completed within a few minutes. However, in certain cases where additional resource allocation is required, the process may take up to 30 minutes. If the server does not appear within the first 5 minutes, please allow additional time and check back again in 30 minutes.

Manage RADIUS Clients with Ease

RADIUS client management is now fully integrated into the Evo Portal.

  • Add, edit, or delete whitelisted IP addresses directly from the server configuration.
  • Changes are automatically pushed to the RADIUS server.
  • The server will restart automatically to apply updates, no manual intervention required.

Starting, Stopping, and Deleting Servers

You can manage server states directly from the portal, including starting, stopping, and deleting servers. Each action has important implications:

Stopping a Server

  • Stopping a server will prevent all authentication attempts from being processed.
  • The server will continue to report status updates to the portal, and status is displayed in real time.

Starting a Server

  • Starting a server will restore its ability to handle authentication requests.
  • Status updates will reflect the server’s availability as it comes online.

Deleting a Server

  • Deleting a server is permanent and irreversible.
  • The server and its assigned IP address cannot be recovered under any circumstances.
  • Ensure you no longer need the server or its IP before proceeding with deletion.
 

Configuring RADIUS Server authentication

  1. Choose the option for RADIUS authentication in the platform you are intending to use.
  1. Use the server and port provided in the completed RADIUS Server request response.
  1. Provide the shared secret entered at the time of the RADIUS Server request.
  1. Test the authentication with a known credential in the directory chosen in the RADIUS request.

Note: If you have a firewall in place, please make sure to whitelist the Radius server IP address and port.

No Access to push notifications? No problem!

If you are using RADIUS with AD-Synced accounts, and there is no support for push notifications, use the following:

Username: the user's user principal name

Password: use this format password,totpcode where password is the user's password, and totpcode is the 6 digit TOTP code

RADIUS Troubleshooting

  • When requesting a RADIUS server make sure you select the appropriate directory and that your users are associated with the directory or they will not be able to connect to the RADIUS instance.
  • Save the Secret Key and client IP address somewhere secure during your request. If there are any issues, verify your IP and Secret Key match in your configurations to the same ones requested from Evo. Make sure your public IP address is accessible.
  • Check your firewall and ensure that the Public IP and that port 1812 is open and accessible to the RADIUS instance.
Did this answer your question?
😞
😐
🤩
How do I update Evo software? RADIUS - Secure RADIUS Servers with TLS/radsecproxy (CVE-2024-3596)