RADIUS Overview


What is RADIUS?

RADIUS (Remote Access Dial-In User Service) is an AAA (Authentication, Authorization, Accounting) protocol developed by the IETF. It is a standards-based AAA protocol supported by all vendors.

The main job of RADIUS is to provide secure network access, which it does by using password encryption. With RADIUS, remote users are authenticated to access the network.

RADIUS is a client/server protocol. Messages are exchanged between a RADIUS Client and a RADIUS Server. The RADIUS Client sends its credentials to the RADIUS Server and then receives the server's response. If the answer is positive, the RADIUS Client can connect to the network.

RADIUS uses UDP as its transport protocol. UDP ports 1812 and 1645 are used for authentication, and UDP ports 1813 and 1646 are used for accounting.

RADIUS combines authentication and authorization. For example, when an authentication request is sent, the authorization response is expected together with the authentication response. Alongside this combined authentication and authorization structure, RADIUS uses separate accounting.

RADIUS has no command logging. This means that if two administrators configure a device and enter commands, RADIUS cannot tell us which commands were entered by which administrator.

There is only one privilege level used for RADIUS Protocol.
