Manualsbrain.com
  1. 매뉴얼
  2. 브랜드
  3. 3com
  4. S7906E
  5. 설치 설명서

3com S7906E 설치 설명서

다운로드
페이지 2621
 
1-3 
RADIUS uses UDP port 1812 for authentication and 1813 for accounting. RADIUS defines the RADIUS 
packet format and message transfer mechanism.  
RADIUS was originally designed for dial-in user access. With the diversification of access methods, 
RADIUS has been extended to support more access methods, for example, Ethernet access and ADSL 
access. It uses authentication and authorization in providing access services and uses accounting to 
collect and record usage information of network resources.  
Client/Server Model 
Client: The RADIUS client runs on the NASs located throughout the network. It passes user 
information to designated RADIUS servers and acts on the responses (for example, rejects or 
accepts user access requests). 
Server: The RADIUS server runs on the computer or workstation at the network center and 
maintains information related to user authentication and network service access. It listens to 
connection requests, authenticates users, and returns the processing results (for example, 
rejecting or accepting the user access request) to the clients. 
In general, the RADIUS server maintains three databases, namely, Users, Clients, and Dictionary, as 
shown in
Figure 1-2 RADIUS server components 
 
 
Users: Stores user information such as the usernames, passwords, applied protocols, and IP 
addresses. 
Clients: Stores information about RADIUS clients, such as the shared keys and IP addresses. 
Dictionary: Stores information about the meanings of RADIUS protocol attributes and their values. 
Security and Authentication Mechanisms 
Information exchanged between a RADIUS client and the RADIUS server is authenticated with a 
shared key, which is never transmitted over the network. This enhances the information exchange 
security. In addition, to prevent user passwords from being intercepted in non-secure networks, 
RADIUS encrypts passwords before transmitting them.  
A RADIUS server supports multiple user authentication methods. Moreover, a RADIUS server can act 
as the client of another AAA server to provide authentication proxy services.  
Basic Message Exchange Process of RADIUS  
 illustrates the interaction of the host, the RADIUS client, and the RADIUS server.