Patton electronic SmartNode 4110 Series ユーザーズマニュアル
Introduction
103
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
Introduction
This chapter provides an overview of the authentication, authorization, and accounting (AAA) component and
describes how to configure the RADIUS client, a subpart of the AAA component. It is important to under-
stand how AAA works before configuring the RADIUS client. This chapter also describes the local database
accounts configuration, which is another subpart of AAA.
describes how to configure the RADIUS client, a subpart of the AAA component. It is important to under-
stand how AAA works before configuring the RADIUS client. This chapter also describes the local database
accounts configuration, which is another subpart of AAA.
To use the authentication and authorization service on SmartWare you have to configure the AAA component,
the RADIUS component and the local database accounts.
the RADIUS component and the local database accounts.
This chapter includes the following sections:
•
The AAA component
•
RADIUS configuration (see
)
•
Configuration of the local database accounts (see
The AAA component
Authentication, authorization, and accounting (AAA) is a term for controlling access to client resources,
enforcing policies, auditing usage, and providing information necessary to invoice users for services.
enforcing policies, auditing usage, and providing information necessary to invoice users for services.
Authentication provides a way of identifying a user (usually in the form of a login window where the user is
expected to enter a username and password) before allowing access to a client. The AAA component compares
the user's authentication login information with credentials stored in a database. If the information is verified,
the user is granted access to the network. Otherwise, authentication fails and network access is denied.
expected to enter a username and password) before allowing access to a client. The AAA component compares
the user's authentication login information with credentials stored in a database. If the information is verified,
the user is granted access to the network. Otherwise, authentication fails and network access is denied.
Following authentication, authorization determines the activities, resources, or services a user is permitted to
access. For example, after logging into a system, a user may try to issue commands, the authorization process
determines whether the user has the authority to issue such commands.
access. For example, after logging into a system, a user may try to issue commands, the authorization process
determines whether the user has the authority to issue such commands.
Accounting, which keeps track of the resources a user consumes while connected to the client, can tally the
amount of system time used or the amount of data transferred during a user’s session. The accounting process
records session statistics and usage information that is used for authorization control, billing, and monitoring
resource utilization.
amount of system time used or the amount of data transferred during a user’s session. The accounting process
records session statistics and usage information that is used for authorization control, billing, and monitoring
resource utilization.
AAA information can be stored in a local database or in a database on a remote server. A current standard by
which network access servers interface with the AAA server is the Remote Authentication Dial-In User Service
(RADIUS).
which network access servers interface with the AAA server is the Remote Authentication Dial-In User Service
(RADIUS).