Chapter 4
Using Security Features
Using Remote Access Concentrator Server Tools for Windows NT
4-12
RADIUS Authentication
RADIUS authentication supports the authentication modes PAP and
CHAP. This section covers the following topics:
•
PPP and CHAP Support
•
Access-Request Attributes
•
Access-Accept and Access-Reject Attributes
PPP and CHAP Support
RADIUS requires PPP/CHAP enforcement to be in the RADIUS server.
The...
RAC sends the ACP server an ACP
Authorization-Request message
containing the CHAP information,
RADIUS server validates the
information and returns either an
Access-Accept or Access-Reject
message,
If the RADIUS On/Off radio button in the Server Tools Options/
Security dialog box is set to off, the ACP server validates against the
chap_secret entry in the acp_userinfo file.
Then...
the ACP server determines if
RADIUS is to be used (set in
Server Tools Options dialog box)
and sends a request to the RADIUS
server containing the CHAP
information needed for validation.
the ACP server responds to the
RAC with REQ_GRANTED or
REQ_DENIED for authorization.