What is RADIUS?
RADIUS stands for “Remote Authentication Dial-In User Service”. An application layer protocol that provides AAA (Authentication, Authorization, and Accounting) for users who uses network services.
It is a client/server model. Means, centralized networking with communicating systems are either client or server (each with equal responsibilities).
RADIUS uses TCP or UDP protocol for transport mechanism and uses the 1812-port number.
Authentication: It is a process of identifying correct user.
Authorization: It is the process of giving access to an user to the correct resource/web page.
Accounting: It is a process of tracking user activities.
How RADIUS works?
Step 1: User requests point-to-point protocol (PPP) authentication to the network access server (NAS).
: It creates direct connection between two network nodes. It supports Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).
: It is a service that clients dial to get access to the network.
Step 2: NAS ask for credentials.
Step 3: User provides credentials.
Step 4: RADIUS client sends user-provided credentials to RADIUS server with a password in encrypted form.
Step 5: RADIUS server gives a response with the status like accepted or rejected. Then RADIUS client acts upon the parameters of the services.
Where RADIUS authentication used?
• Internet service provider (ISP) uses RADIUS authentication to provide security to the user.
• Educational organizations use the RADIUS authentication to secure their dial-in IP network.
What are the benefits of using UDP protocol in RADIUS authentication?
• No rebooting required
• UDP is a stateless protocol
• Easy to implement
What are the advantages of using RADIUS authentication?
• Centralized networking
• Provides security against sniffing
• Easy to configure
• It supports multiple authentication methods