3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide
Overview 25
Figure 3 Components of RADIUS server
In addition, a RADIUS server can act as a client of another AAA server to
provide proxy authentication or accounting services. RADIUS servers support multiple
user authentication methods, such as PPP-based PAP, CHAP and UNIX-based login.
Basic message exchange procedures in RADIUS
User authentication against a RADIUS server usually involves a device that can
provide the proxy function, such as the NAS. Transactions between the RADIUS
client and the RADIUS server are authenticated through a shared key, and user
passwords are sent encrypted over the network for security. The RADIUS protocol
combines the authentication and authorization processes by sending authorization
information in the authentication response message. See the following figure.
Figure 4 The basic message interaction procedures of RADIUS
Following is how RADIUS operates:
1 The user enters the username and password.
2 Having received the username and password, the RADIUS client sends the
authentication request (Access-Request) to the RADIUS server.
3 The RADIUS server compares the received user information against that in the
Users database. If the authentication succeeds, it sends back an authentication
[Figure 3 labels: RADIUS Server; Users, Clients, Dictionary]
[Figure 4 labels: PC, PSTN/ISDN, Switch 8800, RADIUS client, RADIUS Server. Messages shown: The user enters the username and password; Authentication request (Access-Request); Authentication accept (Access-Accept); Accounting-Request (Start); Accounting-Response; The user accesses the resources; Accounting-Request (Stop); Accounting-Response; Notify the termination of the access]