Using radius to authenticate users – Digi PortServer TS8 User Manual
Page 62
12-4
Using RADIUS to Authenticate Users
Using RADIUS to Authenticate Users
This section provides a description of RADIUS and explains how to configure PortServer TS 8/16
to use RADIUS.
What is RADIUS?
RADIUS (remote authentication dial-in user service) is a method of maintaining a database of
profiles of dial-in users. These profiles can include login and password information, as well as other
user attributes.
RADIUS Components
RADIUS requires two components, an authentication host server and client protocols. The
PortServer TS 8/16 implements the client protocol. A host must implement the authentication server
application.
RADIUS Table Key
The numbers in the following tables have the following meaning:
RADIUS Attributes (RFC 2138) Supported
The following attributes are supported in the Digi PortServer TS 8/16 RADIUS client
implementation.
#
Meaning
0
This attribute must not be present.
0+
Zero or more instances of this attribute may be
present.
0-1
Zero or one instance of this attribute may be
present.
1
Exactly one instance of this attribute must be
present.
Request
Accept
Reject
Challenge
#
Attribute
1
0
0
0
1
User-Name
0-1
0
0
0
2
User-Password
0-1
0
0
0
3
CHAP-Password
0-1
0
0
0
4
NAS-IP-Address
0-1
0
0
0
5
NAS-Port
0-1
0-1
0
0
6
Service-Type
0-1
0-1
0
0
7
Framed-Protocol
0-1
0-1
0
0
8
Framed-IP-Address
0-1
0-1
0
0
9
Framed-IP-Netmask
0
0-1
0
0
10
Framed-Routing
0
0+
0
0
11
Filter-Id
0
0-1
0
0
12
Framed-MTU
0+
0+
0
0
13
Framed Compression
0+
0+
0
0
14
Login-IP-Host
0
0-1
0
0
15
Login-Service
0
0-1
0
0
16
Login-TCP-Port
0
0-1
0
0-1
27
Session-Timeout
0
0-1
0
0-1
28
Idle-Timeout