User's Manual

Table Of Contents
Chapter 4 - Operation and Administration ASN-GW Menu
BreezeMAX Extreme 119 System Manual
4.6 ASN-GW Menu
The ASN-GW menu includes the following options:
AAA
Services Menu
MAC Access Lists
4.6.1 AAA
4.6.1.1 Working with RADIUS Servers
Managing a large number of users creates the need for significant administrative
support together with careful attention to security, authorization and accounting.
The use of RADIUS (Remote Authentication Dial In User Service) enables
operators to efficiently manage users, supporting AAA functionality:
Authentication (in the form of username & password and security certificates
provided by the user, all checked by the server with an EAP method against a
local flat file database or an external SQL database).
Authorization of requested network services (configuration information
detailing the type of service to use).
Accounting of the granted services usage (for billing, statistical or network
monitoring purposes).
The RADIUS protocol exchanges information between a Network Access Server
(NAS), which needs to authenticate its users, and a shared Authentication server.
A Network Access Server acts as an interface between the users and the RADIUS
server, relaying authentication messages between the two and provisioning the
users with pre-defined services according to the authorization level determined by
the RADIUS server.
The BreezeMAX Extreme has a built-in NAS, referred to as 'ASN'. Based on the
RADIUS and NAS configuration, the BTS has 3 working modes:
Embedded Distributed ASN-GW Centralized Authentication - internal NAS is
used for service provisioning and AAA needs to be handled by a RADIUS
server.