Filter
Top Products
Introduction to AAA Server
RADIUS Overview
Chapter 14
Establishing a RADIUS Session
The handling of a user request is series of message exchanges that
attempts to provide the user with a network service by establishing a
session for the user. This transaction can be described as a series of
actions that exchange data packets containing information related to the
request. Figure 1-2, Client-Server RADIUS Transaction, illustrates the
details of the transaction between a RADIUS AAA server and a client (a
NAS in this example). When the user’s workstation connects to the
client, the client sends an Access-Request RADIUS data packet to the
AAA server.
Figure 1-2 Client-Server RADIUS Transaction
When the server receives the request, it validates the sending client. If
the client is permitted to send requests to the server, the server will then
take information from the Access-Request and attempt to match the
request to a user profile. The profile will contain a list of requirements
that must be met to successfully authenticate the user. Authentication
usually includes verification of a password, but can also specify other
information, such as the port number of the client or the service type
that has been requested, that must be verified.
AAA Server
User Connects
Client
(NAS)
User
Access-Request
User Disconnects
Access-Reject
Or
Access-Accept
Accounting-Request (Start)
Accounting-Response
Accounting-Request (Stop)
Accounting-Response
Session Starts
Session Ends
User Disconnected