RADIUS Communication
RADIUS uses UDP as transmission protocol to communicate between the client and the server using UDP port
1812 for authentication and authorization requests, and UDP port 1813 for accounting requests. Earlier
deployments of RADIUS used UDP port 1645 for authentication and authorization requests, which conflicted with
the registered "datametrics" service, and the deployments used UDP port 1646 for accounting, which conflicted
with the "sa-msg-port" registered service.
As a connectionless protocol, UDP does not offer guaranteed delivery. Issues related to server availability,
retransmission, and timeouts are handled by the RADIUS-enabled devices rather than the transmission protocol.
The RADIUS communication is triggered by a user login that consists of a query (packet type: Access-
Request) that originates from the NAS and is sent to the RADIUS server. A corresponding response (packet
type: Access-Accept or Access-Reject) is received back from the RADIUS server.
The Access-Request packet contains the username, encrypted password, NAS IP address, and NAS port number
information. The packet also contains information on the type of session that the user wants to initiate.
Pages:
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453