Welcome to IE-LAB!

Search
Generic filters
CISCO
Search
Generic filters
CISCO

HCIE network engineers must know Radius basic introduction

HCIE network engineers must know Radius basic introduction

In order to realize user authentication, authorization and audit, and realize remote AAA function, one of the widely used methods is to use the Radius protocol. RADIUS can implement multiple user access methods such as Ethernet access. The RADIUS protocol is based on the UDP protocol and stipulates that UDP ports 1812 and 1813 are used as authentication and accounting ports respectively.

RADIUS is based on the client/server model. The client can generally be placed on a network access server to transfer user information to a designated RADIUS server, and then perform corresponding processing (such as accepting/rejecting user access) based on the information returned from the server.

The server usually runs on a central computer or workstation to maintain relevant user authentication and network service access information, receive user connection requests and authenticate the user, and then return all required information to the client.

The RADIUS server has three important components:

1. User content used to store user name, password, protocol, IP address and other information

2. Client information used to store RADIUS shared key, IP address and other information

3. Dictionary information used to store the meaning of attribute values ​​in the RADIUS protocol.

RADIUS advantages:

The RADIUS client and server complete the authentication message interaction through the participation of a shared key, and the shared key cannot be transmitted over the network, thus enhancing the security of information interaction. At the same time, in order to prevent the user password from being stolen when it is transmitted on an insecure network, the RADIUS protocol uses a shared key to encrypt the password in the RADIUS message.

A RADIUS message is composed of a packet header and a certain number of attributes. The addition of new attributes will not destroy the original implementation of the protocol, so it has strong scalability.

Get 100% accurate CCIE/ CCNP/CCNA/HCIE dumps in IELAB .
Please follow us if you like our articles.
visit us: http://ielab.network
Facebook : https://www.facebook.com/ielab.network/
Linkedin: https://www.linkedin.com/company/ielabnetwork/
WhatsApp: +8617782638871
Skype:live:ielab.anna

error: Content is protected !!
× How can I help you?