RSA Security 6.1 User Manual


RSA RADIUS Server 6.1 Administrator’s Guide

About RSA RADIUS Server


RADIUS Secret

A RADIUS shared secret is a case-sensitive password used to validate
communications between a RADIUS server, such as RSA RADIUS Server, and a
RADIUS client, such as an Access Point (AP) or Remote Access Server (RAS).
RSA RADIUS Server supports shared secrets of up to 127 alphanumeric
characters, including spaces and the following special characters:

~!@#$%^&*()_+|\=-‘{}[]:”’;<>?/.,

Identical shared secrets must be configured on both sides of the RADIUS
communication link.

NOTE: Not all RAS devices support shared secrets of up to 127
alphanumeric/special characters. You should select shared secrets that are
fully supported by RADIUS devices in your network.

Most RADIUS clients allow you to configure different secrets for authentication
and accounting. On the server side, the configuration interface allows you to
create a list of known RADIUS clients (RAS devices). You should be able to
identify the authentication shared secret and accounting shared secret that a
server uses to communicate with each of the clients on this list.

During an authentication transaction, password information must be transmitted
securely between the RADIUS client (RAS or AP) and the RSA RADIUS Server.
RSA RADIUS Server uses the authentication shared secret to encrypt and
decrypt password information.

No encryption is involved in transmitting accounting data between a RADIUS
client and RADIUS server. However, the accounting shared secret is used by each
device to verify that it can “trust” any RADIUS communications it receives from
the other device.

Replication Secret

A replication secret is a text string used to authenticate communications between
a Primary RADIUS Server and a Replica RADIUS Server. You do not need to
configure the replication secret for a realm: the Primary RADIUS Server
generates it automatically, and each Replica RADIUS Server in a realm receives
the replication secret as part of its configuration package.

Node Secret

A node secret is a pseudorandom string known only to the RSA RADIUS Server
and RSA Authentication Manager. Before the RSA RADIUS Server sends an
authentication request to the RSA Authentication Manager, it encrypts the data
using a symmetric node secret key.
