beautypg.com

Radius packet format – H3C Technologies H3C SecPath F1000-E User Manual

Page 411

background image

3

5.

The RADIUS server returns a start-accounting response (Accounting-Response) and starts

accounting.

6.

The user accesses the network resources.

7.

The host requests the RADIUS client to tear down the connection and the RADIUS client sends a
stop-accounting request (Accounting-Request) to the RADIUS server.

8.

The RADIUS server returns a stop-accounting response (Accounting-Response) and stops
accounting for the user.

9.

The user stops access to network resources.

RADIUS Packet Format

RADIUS uses UDP to transmit messages. It ensures the smooth message exchange between the RADIUS

server and the client through a series of mechanisms, including the timer management mechanism,

retransmission mechanism, and slave server mechanism.

Figure 3

shows the RADIUS packet format.

Figure 3 RADIUS packet format


Descriptions of the fields are as follows:

1.

The Code field (1-byte long) is for indicating the type of the RADIUS packet.

Table 1

gives the

possible values and their meanings.

Table 1 Main values of the Code field

Code Packet

type

Description

1 Access-Request

From the client to the server. A packet of this type carries user
information for the server to authenticate the user. It must contain the
User-Name attribute and can optionally contain the attributes of
NAS-IP-Address, User-Password, and NAS-Port.

2 Access-Accept

From the server to the client. If all the attribute values carried in the
Access-Request are acceptable, that is, the authentication succeeds, the
server sends an Access-Accept response.

3 Access-Reject

From the server to the client. If any attribute value carried in the
Access-Request is unacceptable, the server rejects the user and sends an
Access-Reject response.

4 Accounting-Request

From the client to the server. A packet of this type carries user
information for the server to start/stop accounting for the user. It
contains the Acct-Status-Type attribute, which indicates whether the
server is requested to start the accounting or to end the accounting.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: