New Member
Posts: 3
Registered: ‎10-14-2018

AAA Radius auth for anything not Unifi

I cant find any documentation to configure AAA/Radius for device authentication and authoriazation. I'm perplexed why this feature doesnt exist for operator equipment. I mean having one password for all devices is crazy insecure or a different passwords for multiple devices is(likely) mgmt crazy and can be insecure if not using a PW mgr. I see that ubnt uses dropbear which is likely why it's not simple request, but this really seems needed for any net operator. Thanks.
Veteran Member
Posts: 4,986
Registered: ‎03-02-2015
Kudos: 989
Solutions: 229

Re: AAA Radius auth for anything not Unifi

@qoyamex

Consider using VLANs to separate management traffic from everything else.
private ssh keys are also possible.
===================================================
We all work for KUDOs here.
Thx
New Member
Posts: 3
Registered: ‎10-14-2018

Re: AAA Radius auth for anything not Unifi

@Skipper0815 That's a great suggestion in general. Every org should separate mgmt traffic. In fact, we do use VRFs and ACLs to segregate mgmt traffic. That said, AAA is a separate subject than traffic segmentation. While both are part of security, important parts, the need for central auth is not related to mgmt VLANs/VRFs in my opinion. Central auth is still needed. Thanks. Chris
Ubiquiti Employee
Posts: 11,657
Registered: ‎04-14-2017
Kudos: 2166
Solutions: 335

Re: AAA Radius auth for anything not Unifi

We have a AAA for RADIUS feature request logged for airMAX, but I can't commit to a timescale on it today.
New Member
Posts: 3
Registered: ‎10-14-2018

Re: AAA Radius auth for anything not Unifi

Would it apply to AirFiber as well?
Highlighted
Ubiquiti Employee
Posts: 11,657
Registered: ‎04-14-2017
Kudos: 2166
Solutions: 335

Re: AAA Radius auth for anything not Unifi

Not automatically, but when we get to implementing this feature I can discuss it with that team.