Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
Wisdom Tree
Regular Language...
DECtape
Forbidden Forest (film)
BitKeeper
NetSuite Inc.
4um
recommendation
compare webbrowser
Freenet DSL
Who's Online
10 user(s) are online (9 user(s) are browsing encyclopedia)

Members: 0
Guests: 10

more...
browser tip
Unix Befehle
manual of unix befehle
recommendation!
Sponsored
partner

RADIUS

RADIUS (Remote Authentication Dial In User Service) is an AAA_protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.

When you connect to an internet service provider using a Modem, Digital Subscriber Line, Cable modem or 802.11, you must enter your username and password. This information is passed to a Network Access Server (NAS) device over the Point-to-Point Protocol (PPP), then to a RADIUS server over the RADIUS protocol. The RADIUS server checks that the information is correct using authentication schemes like Password authentication protocol, Challenge-handshake authentication protocol or Extensible Authentication Protocol. If accepted, the server will then authorize access to the ISP system and select an IP address, L2TP parameters, etc.

The RADIUS server will also be notified when the session starts and stops, so that the user can be Bill (payment) accordingly; or the data can be used for statistical purposes.

RADIUS was originally developed by Livingston Enterprises for their PortMaster series of Network Access Servers, but later (1997) published as RFC 2058 and RFC 2059 (current versions are RFC 2865 and RFC 2866). Now, several commercial and open-source RADIUS servers exist. Features can vary, but most can look up the users in text files, LDAP servers, various databases, etc. Accounting tickets can be written to text files, various databases, forwarded to external servers, etc. SNMP is often used for remote monitoring. RADIUS proxy servers are used for centralized administration and can rewrite RADIUS packets on the fly (for security reasons, or to convert between vendor dialects).

RADIUS is extensible; most vendors of RADIUS hardware and software implement their own dialects.

The DIAMETER protocol is the planned replacement for RADIUS, but is still backward compatibility.

=Standards=

The RADIUS protocol is currently defined in: *RFC 2865 Remote Authentication Dial In User Service (RADIUS) *RFC 2866 RADIUS Accounting

Other relevant RFCs are:

  • RFC 2548, RFC 2607, RFC 2618, RFC 2619, RFC 2620, RFC 2621, RFC 2809, RFC 2867, RFC 2868, RFC 2869, RFC 2882, RFC 3162 and RFC 3576.

    • =See also=

  • TACACS
  • TACACSPlus

    • =External links=

  • [http://www.untruth.org/~josh/security/radius/radius-auth.html An Analysis of the RADIUS Authentication Protocol]
  • [http://www.freeradius.org/rfc/attributes.html List of RADIUS attributes]
    		•