3com WX3000 Manuel D’Utilisation

 

1-3 

z 

The RADIUS server receives user connection requests, authenticates users, and returns all 

required information to the device. 

Generally, a RADIUS server maintains the following three databases (see 

z 

Users: This database stores information about users (such as user name, password, protocol 

adopted and IP address). 

z 

Clients: This database stores information about RADIUS clients (such as shared key). 

z 

Dictionary: The information stored in this database is used to interpret the attributes and attribute 

values in the RADIUS protocol. 

Figure 1-1 Databases in a RADIUS server 

RADIUS servers

User

Clients

Dictionary

 

 

In addition, a RADIUS server can act as a client of some other AAA server to provide authentication or 

accounting proxy service. 

The messages exchanged between a RADIUS client and a RADIUS server are verified through a 

shared key. This enhances the security. The RADIUS protocol combines the authentication and 

authorization processes together by sending authorization information along with the authentication 

response message. 

 depicts the message exchange procedure between the user, device and 

RADIUS server. 

Figure 1-2 Basic message exchange procedure of RADIUS 

RADIUS Client

RADIUS Server

( 1 )

The user inputs the user 

name and password

( 3 )

Access -Accept

( 2 )

Access -Request

(4 )

Accounting-Request (start)

( 5 )

Accounting-Response

( 6 )

The user begins to access resources

( 7 ) Accounting-Request (stop)

( 8 ) Accounting-Response

( 9 ) Inform the user the access is ended

Host

 

 

The basic message exchange procedure of RADIUS is as follows: 

1)  The user enters the user name and password.