Table of Contents
Advertisement
H
S
G
™
OT
POT
ATEWAY
RADIUS Attributes
RADIUS (Remote Authentication Dial-In User Service) was originally created to
allow remote authentication to the dial-in networks of corporations and dial-up ISPs.
It is defined and standardized by the IETF (Internet Engineering Task Force) and
several RADIUS server packages exist in both the public domain and for commercial
sale.
RADIUS software stores a database of attributes about their valid subscriber base.
For example, usernames, passwords, access privileges, account limits and subscriber
attributes can all be stored in a RADIUS database. RADIUS works in conjunctions
with NAS (Network Access Server) devices to determine if access to the service
network should be granted, and if so, with what privileges.
When a subscriber attempts to access the service provider's network, the HSG
delivers a Web page to the subscriber asking for a login name and password. This
information (password) is encrypted and sent across the network to the ISP's
RADIUS server. The RADIUS server decrypts the information and compares it
against its list of valid users. If the subscriber can be authenticated, the RADIUS
server replies to the HSG with a message instructing it to grant access to the
subscriber. Optionally, the RADIUS server can instruct the NAS to perform other
functions; for example, the RADIUS server can tell the HSG what upstream and
downstream bandwidth the subscriber should receive. If RADIUS cannot authenticate
the subscriber, it will instruct the NAS to deny access to the network.
The Nomadix HSG RADIUS functionality can be broken down into the following
categories:
Authentication-Request
Authentication-Reply
Accounting-Request
Quick Reference Guide
All subscribers attempting to gain access to the
network are validated by RADIUS.
231
Advertisement
Table of Contents
