Remote authentication dial-in user service server
IBM®'s Remote Authentication Dial-In User Service (RADIUS) is a network access protocol designed to do authentication, authorization, and accounting. It is a port-based protocol that defines the communications between Network Access Servers (NAS) and authentication and accounting servers.
A NAS operates as a client of RADIUS. Transactions between the client and the RADIUS server are authenticated through the use of a shared secret, which is not sent over the network. Any user passwords sent between the client and the RADIUS server are encrypted.
The client is responsible for passing user information to designated RADIUS servers and then acting on the response that is returned. RADIUS servers are responsible for receiving user connection requests, authenticating the user, and then returning all configuration information necessary for the client to deliver service to the user. A RADIUS server can act as a proxy client to other RADIUS servers when advanced proxy information is configured. RADIUS uses User Datagram Protocol (UDP) as the transport protocol.
- IETF RFC 2865
- http://www.ietf.org/rfc/rfc2865.txt
- RFC 2866
- http://www.ietf.org/rfc/rfc2866.txt
- RFC 2284
- http://www.ietf.org/rfc/rfc2284.txt
- RFC 2869
- http://www.ietf.org/rfc/rfc2869.txt
- RFC 2882
- http://www.ietf.org/rfc/rfc2882.txt