Uploaded by jhansi.paleti

RADIUS - Remote Authentication Dial-In User Service
RADIUS
• Remote Authentication Dial-In User Service (RADIUS) is a networking protocol
that authorizes, authenticates and accounts for users who access a remote and
local network’s
• RADIUS is an important tool for managing network access because it can prevent
unauthorized users—and attackers—from infiltrating your network.
• It is commonly used to connect embedded routers, modem servers,
software, and wireless apps.
RADIUS Services
• Authentication: identifies remote users and controls which users can access the
network
• Authorization: defines what each user can do by controlling access to network
resources
• Accounting : RADIUS accounting functions allow data to be sent at the start and
end of sessions, indicating the amount of resources (such as time, packets, bytes,
and so on) used during the session
Radius Authentication Process
• A user sends a request to the Client, carrying the user’s credentials. This may
include the user’s network address, username, and password.
• The Client forwards an Authentication Request Packet to the RADIUS Server,
containing user identification, encrypted password, and Client identification.
• The RADIUS Server validates the user and sends the Client an Authentication
Acknowledgement packet containing user configuration and one of:
1) Access-Accept: specifying what network services and privileges the RAS
should provide to the user
2) Access-Reject: denying the Authentication Request
3) Access-Challenge: sent by the RADIUS server requesting more information in
order to allow access. The NAS, after communicating with the user, responds
with another Access-Request.
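The exchange above at the byte level, as an added example that is not part of the original slides: it builds an Access-Request the way RFC 2865 lays it out, hides the password with the MD5-based scheme the RFC defines for the User-Password attribute (the "encrypted password" in the slides), and parses a packet back into its code and attributes. The shared secret, user name, password and NAS identifier are constructed sample values.

```python
import hashlib, os, struct

# RFC 2865 packet codes and attribute types
CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject", 11: "Access-Challenge"}
USER_NAME, USER_PASSWORD, NAS_IDENTIFIER = 1, 2, 32

def _xor_blocks(data, secret, authenticator, hiding):
    """RFC 2865 section 5.2: XOR each 16-byte block with MD5(secret + previous hidden block)."""
    out, prev = b"", authenticator
    for i in range(0, len(data), 16):
        block = data[i:i + 16]
        result = bytes(a ^ b for a, b in zip(block, hashlib.md5(secret + prev).digest()))
        prev = result if hiding else block   # always chain on the hidden (on-the-wire) block
        out += result
    return out

def hide_password(password, secret, authenticator):
    padded = password + b"\x00" * (-len(password) % 16)   # null-pad to a 16-byte multiple
    return _xor_blocks(padded, secret, authenticator, hiding=True)

def reveal_password(hidden, secret, authenticator):
    return _xor_blocks(hidden, secret, authenticator, hiding=False).rstrip(b"\x00")

def build_access_request(ident, user, password, nas_id, secret):
    authenticator = os.urandom(16)            # Request Authenticator must be unpredictable
    attrs = b"".join(bytes([t, len(v) + 2]) + v for t, v in (
        (USER_NAME, user),
        (USER_PASSWORD, hide_password(password, secret, authenticator)),
        (NAS_IDENTIFIER, nas_id)))
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + authenticator + attrs

def parse_packet(data):
    """Return (code name, identifier, authenticator, {attr type: value}); reject bad lengths."""
    if len(data) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", data[:4])
    if length < 20 or length > len(data):
        raise ValueError("length field inconsistent with packet size")
    attrs, pos = {}, 20                       # bytes past `length` are padding and ignored
    while pos < length:
        if pos + 2 > length or data[pos + 1] < 2 or pos + data[pos + 1] > length:
            raise ValueError("bad attribute length")
        attrs[data[pos]] = data[pos + 2:pos + data[pos + 1]]
        pos += data[pos + 1]
    return CODES.get(code, "Unknown"), ident, data[4:20], attrs

if __name__ == "__main__":
    secret = b"constructed-shared-secret"     # constructed sample values
    pkt = build_access_request(7, b"alice", b"correct horse battery", b"nas-01", secret)
    name, ident, auth, attrs = parse_packet(pkt)
    print(name, ident, reveal_password(attrs[USER_PASSWORD], secret, auth))
```

The password is only as well protected as the shared secret between Client and Server: anyone holding the secret and a captured request can run `reveal_password` on it.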
Password Authentication protocols
• For password authentication, different protocols are used, for example PAP,
CHAP, etc.
• PAP (Password Authentication Protocol) is used by PPP links to validate users.
PAP authentication requires the calling device to enter the username and
password. If the credentials match the local database of the called device or
the remote AAA database, access is allowed; otherwise it is denied.
• CHAP is a more secure method of authentication than PAP. It eliminates the
process of sending clear-text passwords and instead utilizes encryption to mask
the information being transferred.
Uses
• Used to secure many university networks that provide dial-in IP
connectivity to students and faculty.
• Used by many Internet service providers to provide security to
users accessing their networks from multiple POPs (Points Of
Presence)