HP-UX AAA Server A.08.00.01 Administrator's Guide
C RADIUS Data Packets
The Access-Request and other RADIUS data packets contain a header and a set of
attribute-value (A-V) pairs, which are used by the server during the AAA transaction.
The RADIUS RFC 2865 defines how vendors can extend the protocol. Encapsulation
is the RFC defined way of extending RADIUS. Conflicts can occur when the RFC is not
followed. In those cases, the server can map the attributes to unique internal values
for processing. For a full description of RADIUS attribute-value pairs, see Chapter 34:
“Attribute-Value Pairs” (page 537).
Data Packet Format
RADIUS requests and replies share a common format, see Figure C-1). These messages
are transported by UDP. By default, the server listens on UDP port 1812 for
Access-Requests and port 1813 for Accounting-Requests.
Figure C-1 RADIUS Request/Reply Message Format
Table C-1 RADIUS Request/Reply Message Format Description
DescriptionData
8-bit request/reply type
1=Access-Request
Code
2=Access-Accept
3=Access-Reject
4=Accounting-Request
5=Accounting-Response
11=Access-Challenge
40=Disconnect-Request
41=Disconnect-ACK
42=Disconnect-NAK
43=CoA-Request
44=CoA-ACK
45=CoA-NAK
8-bit message sequence number: value in reply = value in request.Id
16-bit message length, including the header beginning at Code.Length
16 octet binary vector: For Access requests, value in request is randomly
generated. Value in reply is MD5 digest of reply message data appended with
secret, using authenticator value from request.
Authenticator
For Accounting, Disconnect and CoA requests, value in request is MD5
digest of request message data appended with secret, using 16 zero octets as
568 RADIUS Data Packets