38 radius, Overview, Introduction to radius – H3C Technologies H3C WX6000 Series Access Controllers User Manual

Page 436: Client/server model, Radius

Advertising
background image

38-1

38

RADIUS

The sample output in this manual was created on the WX5004. The output on your device may

vary.

The grayed out functions or parameters on the Web interface indicate that they are not supported

or cannot be modified.

The models listed in this manual are not applicable to all regions. Please consult your local sales

office for the models applicable to your region.

Overview

Remote Authentication Dial-In User Service (RADIUS) is protocol for implementing Authentication,

Authorization, and Accounting (AAA). For details about AAA, refer to

AAA

.

Introduction to RADIUS

RADIUS is a distributed information interaction protocol using the client/server model. RADIUS can

protect networks against unauthorized access and is often used in network environments where both

high security and remote user access are required. RADIUS uses UDP, and its packet format and

message transfer mechanism are based on UDP. It uses UDP port 1812 for authentication and 1813 for

accounting.

RADIUS was originally designed for dial-in user access. With the diversification of access methods,

RADIUS has been extended to support more access methods, for example, Ethernet access and ADSL

access. It uses authentication and authorization in providing access services and uses accounting to

collect and record usage information of network resources.

Client/Server Model

Client: The RADIUS client runs on the NASs located throughout the network. It passes user

information to designated RADIUS servers and acts on the responses (for example, rejects or

accepts user access requests).

Server: The RADIUS server runs on the computer or workstation at the network center and

maintains information related to user authentication and network service access. It listens to

connection requests, authenticates users, and returns the processing results (for example,

rejecting or accepting the user access request) to the clients.

In general, the RADIUS server maintains three databases, namely, Users, Clients, and Dictionary, as

shown in

Figure 38-1

.

Advertising
This manual is related to the following products:

H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module

Popular Brands
Popular manuals