ZyXEL Communications ZyXEL G-560 사용자 설명서
ZyXEL G-560 User’s Guide
Chapter 6 Wireless Screens
69
6.8 Introduction to RADIUS
RADIUS is based on a client-sever model that supports authentication and accounting, where
access point is the client and the server is the RADIUS server. The RADIUS server handles
the following tasks among others:
access point is the client and the server is the RADIUS server. The RADIUS server handles
the following tasks among others:
• Authentication
Determines the identity of the users.
• Accounting
Keeps track of the client’s network activity.
RADIUS user is a simple package exchange in which your G-560 acts as a message relay
between the wireless station and the network RADIUS server.
between the wireless station and the network RADIUS server.
6.8.1 Types of RADIUS Messages
The following types of RADIUS messages are exchanged between the access point and the
RADIUS server for user authentication:
RADIUS server for user authentication:
• Access-Request
Sent by an access point, requesting authentication.
•
Access-Reject
Sent by a RADIUS server rejecting access.
• Access-Accept
Sent by a RADIUS server allowing access.
• Access-Challenge
Sent by a RADIUS server requesting more information in order to allow access. The
access point sends a proper response from the user and then sends another Access-
Request message.
access point sends a proper response from the user and then sends another Access-
Request message.
The following types of RADIUS messages are exchanged between the access point and the
RADIUS server for user accounting:
RADIUS server for user accounting:
• Accounting-Request
Sent by the access point requesting accounting.
• Accounting-Response
Sent by the RADIUS server to indicate that it has started or stopped accounting.
In order to ensure network security, the access point and the RADIUS server use a shared
secret key, which is a password, they both know. The key is not sent over the network. In
addition to the shared key, password information exchanged is also encrypted to protect the
wired network from unauthorized access.
secret key, which is a password, they both know. The key is not sent over the network. In
addition to the shared key, password information exchanged is also encrypted to protect the
wired network from unauthorized access.