beautypg.com

H3C Technologies H3C WX3000 Series Unified Switches User Manual

Page 248

background image

25-5

Figure 26-3

RADIUS message format

Code

Attribute

Identifier

0

7

Length

Authenticator

7

15

31

2) The Code field (one byte) decides the type of RADIUS message, as shown in

Table 26-1

.

Table 26-1

Description on the major values of the Code field

Code

Message type

Message description

1 Access-Request

Direction: client->server.
The client transmits this message to the server to determine if the user
can access the network.
This message carries user information. It must contain the User-Name
attribute and may contain the following attributes: NAS-IP-Address,
User-Password and NAS-Port.

2 Access-Accept

Direction: server->client.
The server transmits this message to the client if all the attribute values
carried in the Access-Request message are acceptable (that is, the user
passes the authentication).

3 Access-Reject

Direction: server->client.
The server transmits this message to the client if any attribute value
carried in the Access-Request message is unacceptable (that is, the user
fails the authentication).

4 Accounting-Request

Direction: client->server.
The client transmits this message to the server to request the server to
start or end the accounting (whether to start or to end the accounting is
determined by the Acct-Status-Type attribute in the message).
This message carries almost the same attributes as those carried in the
Access-Request message.

5

Accounting-Respon
se

Direction: server->client.
The server transmits this message to the client to notify the client that it
has received the Accounting-Request message and has correctly
recorded the accounting information.

3) The Identifier field (one byte) is used to match requests and responses. It changes whenever the

content of the Attributes field changes, and whenever a valid response has been received for a
previous request, but remains unchanged for message retransmission.

4) The Length field (two bytes) specifies the total length of the message (including the Code, Identifier,

Length, Authenticator and Attributes fields). The bytes beyond the length are regarded as padding
and are ignored upon reception. If a received message is shorter than what the Length field
indicates, it is discarded.

See also other documents in the category H3C Technologies Routers: