Radius configuration, Radius overview, Configuring a radius scheme – H3C Technologies H3C WA3600 Series Access Points User Manual

204

RADIUS configuration

RADIUS overview

The Remote Authentication Dial-In User Service (RADIUS) protocol is the most commonly used protocol

for implementing Authentication, Authorization, and Accounting (AAA).
RADIUS uses the client/server model. It can protect networks against unauthorized access and is often

used in network environments where both high security and remote user access are required. RADIUS

defines the packet format and message transfer mechanism, and uses UDP as the transport layer protocol

for encapsulating RADIUS packets. It uses UDP port 1812 for authentication and UDP port 1813 for
accounting.
RADIUS was originally designed for dial-in user access. With the addition of new access methods,

RADIUS has been extended to support additional access methods, for example, Ethernet and ADSL.

RADIUS provides access authentication and authorization services, and its accounting function collects
and records network resource usage information.

NOTE:

For more information about AAA and ISP, see

H3C WA Series WLAN Access Points Security

Configuration Guide.

Configuring a RADIUS scheme

A RADIUS scheme defines a set of parameters that the device uses to exchange information with the

RADIUS servers. There might be authentication servers and accounting servers, or primary servers and
secondary servers. The parameters mainly include the IP addresses of the servers, the shared keys, and

the RADIUS server type. By default, no RADIUS scheme exists.
To configure a RADIUS scheme:

1.

Select Authentication > RADIUS from the navigation tree to enter the RADIUS scheme management
page.

Figure 200 RADIUS scheme list

2.

Click Add to enter the RADIUS scheme configuration page.