User`s manual

NPort 6000 Series User’s Manual RADIUS Server

F-2

What is RADIUS?

Definition

Remote Authentication Dial-up User Service, or RADIUS, is the standard for centralizing the

authentication, authorization, and accounting of remote access users.

Here is a brief description of how RADIUS works: When a user dials in to a remote access device,

that device communicates with the central RADIUS server to determine if the user is authorized to

connect to the LAN. The RADIUS server performs the authentication and responds with the

result—either accept or reject. If the user is accepted, the remote access server routes the user onto

the network; if not, the server will terminate the user’s connection. The RADIUS server also

provides accounting services if supported by the remote access server.

With RADIUS, a network manager or ISP only needs to maintain a single, central database against

which all remote user authentications take place. This greatly eases the management burden

associated with administering a large number of dial-in users.

Client/Server Architecture

RADIUS is a type of client-server software. Communication servers such as the NPort 6000 play

an active role, whereas RADIUS servers are passive.

When a remote host is connected to the NPort 6000, the host is prompted to enter a user ID and

password.

After receiving the user ID and password, the NPort 6000 sends the information to a defined

RADIUS server. Up to this point, the remote user is still unable to access the network.

The RADIUS server compares the user ID and password with its internal database and responds

through the network, either accepting or rejecting the connection attempt.

If the NPort 6000 receives the “accept” message from the RADIUS server, the remote user is

allowed to access the network. Otherwise, the NPort 6000 will either terminate the connection or

attempt to connect again after a specified duration of time.