Security and Authentication Mechanisms, Basic Message Exchange Process of RADIUS – H3C Technologies H3C WX6000 Series Access Controllers User Manual


Figure 38-1 RADIUS server components

Users: Stores user information such as the usernames, passwords, applied protocols, and IP addresses.

Clients: Stores information about RADIUS clients, such as the shared keys and IP addresses.

Dictionary: Stores information about the meanings of RADIUS protocol attributes and their values.

Security and Authentication Mechanisms

Information exchanged between a RADIUS client and the RADIUS server is authenticated with a shared key, which is never transmitted over the network. This enhances the information exchange security. In addition, to prevent user passwords from being intercepted on insecure networks, RADIUS encrypts passwords before transmitting them.

A RADIUS server supports multiple user authentication methods, for example, the Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP) of the Point-to-Point Protocol (PPP). Moreover, a RADIUS server can act as the client of another AAA server to provide authentication proxy services.

Basic Message Exchange Process of RADIUS

Figure 38-2 illustrates the interaction of the host, the RADIUS client, and the RADIUS server.