Configuring a RADIUS server
309
Access Server Administrators’ Reference Guide
C • Technical Reference
RADIUS Authentication Procedure
The procedure for RADIUS authentication and authorization is outlined in
figure 125
:
Figure 125. RADIUS authentication and authorization procedure
1.
User dials into the RAS and establishes a connection.
2.
The RAS prompts for user ID and password (PAP) or challenge (CHAP, MS-CHAP V1 and MS-CHAP
V2).
3.
User responds with user ID and password (PAP) or challenge response (CHAP, MS-CHAP V1 and MS-
CHAP V2).
4.
RAS forwards an authentication request packet to the RADIUS server, containing user identification,
encrypted password, and RAS identification.
5.
RADIUS server validates the user and sends the RAS an authentication acknowledgement packet contain-
ing user configuration and one of the following
– Specifying what network services and privileges the RAS should provide to the user
(Access-accept)
, or
– Denying the Authentication Request
(Access-reject)
.
RADIUS Standards
RADIUS was initially developed in January 1977 by Lucent Technologies on recommendation from the Inter-
net Engineering Task Force (IETF). The second generation
IETF Standards for RADIUS (RFC 2138)
and
RADIUS Accounting (RFC 2139)
were published in April 1977. The second set of RFCs changed the assigned
UDP port number for RADIUS from 1645 (conflicting with “datametrics” service) to 1812, and changed the
assigned UDP port number for RADIUS accounting from 1646 (conflicting with “sa-msg-port” service) to
1813. The April 1977 standards have been widely implemented and remain extensively deployed in public and
private networks.
In June 2000, IETF published a third revision of the RADIUS standards, RFC2865 and RFC2866. RFC 5865
defined congestion control mechanisms to solve performance problems sometimes encountered when the ear-
lier standard is deployed in large-scale networks. RFC2866 defined additional accounting features.
Patton remote access servers (RAS)
support the April 1977 standards for RADIUS (RFC2138) and RADIUS
Accounting (RFC2139). The RADIUS attributes Patton RAS supports are listed in Appendix A of the
Access
Server Administrator’s Reference Guide
, available online at
http://www.patton.com/manuals/AccessServer_Admin-D_lo-res.pdf
Содержание 29XX Series
Страница 8: ...Contents Access Server Administrators Reference Guide 8...
Страница 19: ...19 Chapter 3 Import Export Chapter contents Introduction 20 Export Configuration 20 Import Configuration 22...
Страница 171: ...171 Access Server Administrators Reference Guide 14 Frame Relay Congestion frameEnableCongestion 177...
Страница 295: ...295 Chapter 25 Contacting Patton Chapter contents Introduction 296 Patton Electronics Company contact information 296...
Страница 304: ...304 Appendix B MIB trees Chapter contents Model 2960 MIB Tree Structure 305...
Страница 305: ...Model 2960 MIB Tree Structure 305 Access Server Administrators Reference Guide B MIB trees Model 2960 MIB Tree Structure...