RADIUS Overview

radius-messaging

RADIUS Overview

RADIUS (Remote Access Dial-In User Service) is a AAA (Authentication, Authorization, Accounting) protocol that is developed by IETF. RADIUS is a standard base AAA Protocol supported by all vendors.

Mainly, the job of RADIUS is providing Secure Network Access. RADIUS provide this, by using Password Encryption. With RADIUS, remote users are authenticated to access the network.

RADIUS is a Client/Server Protocol. RADIUS messaging is done between, RADIUS Client and RADIUS Server. RADIUS Client sends the credentials of it to the RADIUS Server, then accepts the responds of RADIUS Server. If the answer comes positively, then RADIUS Client can connect to the network.

Other AAA Articles:

Authentication, Authorization, Accounting – AAA Overview
Authentication, Authorization, Accounting – AAA Protocols
Authentication, Authorization, Accounting – RADIUS Overview
Authentication, Authorization, Accounting – TACACS+ Overview
Authentication, Authorization, Accounting – Huawei AAA Configuration

For RADIUS communication, as a Transport Protocol, RADIUS uses UDP. UDP Ports 1812, 1645 are used for Authentication and UDP Ports 1813,1646 are used for Accounting in RADIUS.

RADIUS combined the Authentication and the Authorization. For example if an Authentication request sent, then with authentication response, Authorization response is also expected. Beside this combined structure of authentiction and authorization, RADIUS uses a saparate Accounting.

In RADIUS there is no command logging. This means that, if two administrator configure a device and enter commands, we can not know which commands are entered by which administrator by RADIUS.

There is only one privilege level used for RADIUS.

RADIUS Messaging

We can divide RADIUS Messaging mainly into two part. These are :

• Authentication/Authorization
• Accounting

As we have discussed before, RADIUS combines Authentication and Authorization. At the beginning Access Request/Reply messages are sent between RADIUS Client and RADIUS Server. With these messages, Authentication and Authorization are achieved.

At the accounting phase, Accounting Request/Reply messages are sent and Accounting is achieved.


radius-messaging

Other AAA Articles:

Authentication, Authorization, Accounting – AAA Overview
Authentication, Authorization, Accounting – AAA Protocols
Authentication, Authorization, Accounting – RADIUS Overview
Authentication, Authorization, Accounting – TACACS+ Overview
Authentication, Authorization, Accounting – Huawei AAA Configuration

Leave a Reply