Cisco Access Registrar 3.5 Reference Manual page 73

S
A means of specifying the method to use to perform a function. A service can be specified for the
Service
following functions: authentication, authorization, accounting, and authentication-authorization. For
example, a service can specify that authentication be performed using the local database, or a service
can specify that accounting be supported by logging information to a file.
Three default services are referenced by the server configuration and when processing scripts. They are
Services
Default Authentication Service, Default Authorization Service, and Default Accounting Service. Each
service has a type and (if it is using remote servers) an ordered list of servers to use.
Each service provided by the NAS to a dial-in user constitutes a session, with the beginning of the
Session
session defined as the point where service is first provided and the end of the session defined as the
point where service is ended. Depending on NAS support capabilities, a user may have multiple
sessions in parallel or in series.
Secure Hash Algorithm; a hashing algorithm that produces a 160-bit digest based upon the input. The
SHA-1
algorithm produces SHA passwords that are irreversible or prohibitively expensive to reverse.
Used to authenticate transactions between the client and the RADIUS server. The shared secret is never
Shared Secret
sent over the network.
An IP dial-up network whose use is shared by two or more organizations. Shared use networks typically
Shared Use
implement distributed authentication and accounting in order to facilitate the relationship amongst the
Network
sharing parties.
RADIUS discards the packet without further processing. The server logs an error, including the
Silently Discard
contents of the silently discarded packet, and records the event in a statistics counter.
Serial Line Internet Protocol is TCP/IP over direct connections and modems, which allows one
SLIP
computer to connect to another or to a whole network.
Switched Multi-megabit Data Service is a high-speed Metropolitan-Area Networking technology that
SMDS
behaves like a LAN.
Netscape's (iPlanet) enhancement of the SHA-1 algorithm which includes salted password data.
SSHA
SubNetwork Access Protocol is used when a SAP definition does not exist for the encapsulated user
SNAP
data protocol.
Secure Socket Layer is the protocol defined by Netscape that is used for encryption and authentication
SSL
between two Internet entities. It uses public/private key certificates instead of shared secrets.
Switched Virtual Circuit is an L2TP-compatible media on top of which L2TP is directly encapsulated.
SVC
SVCs are dynamically created, permitting tunnel media to be created dynamically in response to
desired LNS-LAC connectivity requirements.
OL-2683-02
Cisco Access Registrar 3.5 Concepts and Reference Guide
Glossary
GL-7