security

Radious Authentication

June 5, 2010
Remote authentication for user services

Provides an authentication server for one or more clients VPN, Wreless or legacy (dial-in hosts)

Client communicates with RADIUS server via encrypted communications using a shared secret key

Radius Protocol:

Client forwards user access request to RADIUS server

Server replies with

Reject access

Allow access (based on password)

Challenge (for challenge-response protocol, eg CHAP)

If challenge-response is used, client forwards challenge to user, user sends response to client, which forwards it to server

One RADIUS server may consult another (acting as a client)