Manualshelf

3Com Switch 7750 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
501502503504505506507508509510
Overview 509
Users: This database stores information about users (such as user name,
password, adopted protocol and IP address).
Clients: This database stores the information about RADIUS clients (such as
shared keys).
Dictionary: This database stores the information used to interpret the attributes
and attribute values of the RADIUS protocol.
Figure 127 Databases in RADIUS server
In addition, the RADIUS server can act as the client of some other AAA server to
provide the authentication or accounting proxy service.
Basic message exchange procedure of RADIUS
The messages exchanged between a RADIUS client (a switch, for example) and the
RADIUS server are verified by using a shared key. This enhances the security. The
RADIUS protocol combines the authentication and authorization processes
together by sending authorization information in the authentication response
message. Figure 128 depicts the message exchange procedure between user,
switch and RADIUS server.
Figure 128 Basic message exchange procedure of RADIUS
RA DIUS s er v er
Us er s Clients
Dic tionar y
RA DIUS s er v er
Us er s Clients
Dic tionar y
RADIUS Client RADIUS Serve
r
(1)
The user inputs the user
name and password
( 3 ) Access-Accept
( 2 ) Access-Request
(4 ) Accounting-Request (start)
( 5 ) Accounting-Response
( 6 ) The user begins to access resources
( 7 ) Accounting-Request (stop)
( 8 ) Accounting-Response
( 9 ) Inform the user the access is ended
Host