beautypg.com

Radius authentication procedure, Radius standards, Radius authentication procedure radius standards – Patton electronic 3120 User Manual

Page 314

background image

C • Technical Reference

Model 3120 RAS Administrators’ Reference Guide

314

Configuring a RADIUS server

RADIUS Authentication Procedure
The procedure for RADIUS authentication and authorization is outlined in figure 126:

Figure 126. RADIUS authentication and authorization procedure

1. User dials into the RAS and establishes a connection.

2. The RAS prompts for user ID and password (PAP) or challenge (CHAP).

3. User responds with user ID and password (PAP) or challenge response (CHAP).

4. RAS forwards an authentication request packet to the RADIUS server, containing user identification,

encrypted password, and RAS identification.

5. RADIUS server validates the user and sends the RAS an authentication acknowledgement packet contain-

ing user configuration and one of the following

Specifying what network services and privileges the RAS should provide to the user (Access-accept), or

Denying the Authentication Request (Access-reject).

RADIUS Standards
RADIUS was initially developed in January 1977 by Lucent Technologies on recommendation from the Inter-
net Engineering Task Force (IETF). The second generation IETF Standards for RADIUS (RFC 2138) and
RADIUS Accounting (RFC 2139) were published in April 1977. The second set of RFCs changed the assigned
UDP port number for RADIUS from 1645 (conflicting with “datametrics” service) to 1812, and changed the
assigned UDP port number for RADIUS accounting from 1646 (conflicting with “sa-msg-port” service) to
1813. The April 1977 standards have been widely implemented and remain extensively deployed in public and
private networks.

In June 2000, IETF published a third revision of the RADIUS standards, RFC2865 and RFC2866. RFC 5865
defined congestion control mechanisms to solve performance problems sometimes encountered when the ear-
lier standard is deployed in large-scale networks. RFC2866 defined additional accounting features.

Patton remote access servers (RAS) support the April 1977 standards for RADIUS (RFC2138) and RADIUS
Accounting (RFC2139). The RADIUS attributes Patton RAS supports are listed in Appendix A of the Access
Server Administrator’s Reference Guide, available online at

http://www.patton.com/manuals/AccessServer_Admin-D_lo-res.pdf

See also other documents in the category Patton electronic Hardware: