Saturday, April 30, 2011

RADIUS (Remote Authentication Dial In User Service)

RADIUS (Remote Authentication Dial In User Service) is a remote user authentication and accounting system. Authentication is defined by RFC 2865 and accounting by RFC 2866. It is currently the most widely used AAA (authentication, authorization and accounting) protocol.
Introduction
RADIUS is a client/server protocol. Its client was originally the NAS (Network Access Server); today any computer running RADIUS client software can act as a RADIUS client. The protocol's authentication mechanism is flexible: it can carry PAP, CHAP, Unix login and several other authentication methods. RADIUS is also extensible: all of its work is expressed as Attribute-Length-Value triples (attribute-value pairs), and Vendor-Specific Attributes let vendors add their own proprietary attributes.
Because RADIUS is simple and extensible, it has been widely adopted: ordinary dial-up Internet access, ADSL, community broadband, IP telephony, VPDN (Virtual Private Dialup Network, a virtual private network for dial-up subscribers built on top of dial-up Internet access) and prepaid mobile services all use it. The more recently proposed IEEE 802.1X standard, a port-based network access control standard used for wireless network access, also uses RADIUS for its authentication.
History
RADIUS was originally proposed by Livingston Enterprises, initially to authenticate and bill dial-up users. After many improvements it became a general authentication and accounting protocol.
Merit Network, Inc., founded in 1966, is a nonprofit company of the University of Michigan whose business is operating and maintaining MichNet, the university's network. In 1987 Merit won the NSF (National Science Foundation) contract to operate NSFnet, the predecessor of the Internet. NSFnet was an IP network, but MichNet ran a proprietary network protocol, so Merit faced the problem of migrating MichNet from its proprietary protocol to IP, and in particular of moving MichNet's large dial-up business and its associated proprietary protocols onto the IP network.
In 1991 Merit invited dial-up server vendors to tender. A few months later a company called Livingston submitted a proposal named RADIUS and won the contract.
In the autumn of 1992 a RADIUS draft was submitted to the IETF NASREQ working group. RADIUS soon became the de facto standard for network access; almost all network access server vendors implemented the protocol.
RFC 2058 was published in 1997, followed by RFC 2138, and then RFC 2865, the latest RADIUS RFC, published in June 2000.
Basic working principle
When a user connects to the NAS, the NAS sends the RADIUS server an Access-Request packet carrying the user's information: user name, password and other related attributes. The user password is not sent in clear; it is hidden with MD5 keyed by a shared secret configured on both sides, and the secret itself is never transmitted over the network. The RADIUS server checks that the user name and password are valid; if necessary it returns an Access-Challenge to demand further authentication from the user, and it can authenticate the NAS in a similar way. If the check passes, the server returns an Access-Accept packet to the NAS, allowing the user to proceed; otherwise it returns an Access-Reject packet and the user is refused access. If access is allowed, the NAS then sends the RADIUS server an Accounting-Request; the server answers with an Accounting-Response, accounting begins, and the user can carry out their own operations.
RADIUS also supports proxying and roaming. Simply put, a proxy is a server that acts on behalf of other RADIUS servers and forwards their authentication and accounting packets. Roaming is a concrete application of proxying: it lets a user be authenticated through a RADIUS server that has no direct relationship with that user, so a subscriber outside the home operator's network can still obtain service, and it also makes virtual operators possible.
The RADIUS server and the NAS communicate over UDP. The RADIUS server uses port 1812 for authentication and port 1813 for accounting. (Early implementations used ports 1645 and 1646, which conflicted with other services; RFC 2865 assigns 1812 and 1813.) UDP was chosen mainly because the NAS and the RADIUS server usually sit on the same LAN, where UDP is more convenient, and because UDP is connectionless it reduces the load on the RADIUS server and gives better robustness.
RADIUS also provides a retransmission mechanism. If the NAS submits a request to a RADIUS server and receives no reply, it can retransmit the request to a backup RADIUS server. With several backup servers configured, the NAS can retransmit to them in round-robin fashion. If the backup server's shared secret differs from the original server's, the request must be re-encoded with the backup server's secret (a fresh Request Authenticator and a re-hidden User-Password), otherwise the backup server cannot read the password and its reply will not verify.
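The exchange described above, carried through in working code as an added example that is not part of the original post or of any RADIUS implementation: a NAS builds an Access-Request with the User-Password hidden exactly as RFC 2865 section 5.2 specifies (MD5 of the shared secret and the Request Authenticator, XORed into 16-byte blocks), a server reveals and checks it and answers Access-Accept or Access-Reject, and the NAS verifies the Response Authenticator before trusting the reply. The shared secret, the user table and the function names are constructed for this illustration; the packets are built and parsed as bytes without sockets so it runs offline. It also shows the failure mode the retransmission paragraph alludes to: a backup server holding a different secret cannot recover the password and produces a reply the NAS rejects.

```python
import hashlib
import hmac
import secrets

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 1, 2, 3, 11  # RFC 2865 codes
USER_NAME, USER_PASSWORD, NAS_IP_ADDRESS = 1, 2, 4  # RFC 2865 attribute types
HEADER_LEN = 20  # Code(1) Identifier(1) Length(2) Authenticator(16)

def encode_avp(attr_type, value):
    """Attribute-Length-Value triple: Type(1) Length(1, header included) Value."""
    if not 1 <= len(value) <= 253:
        raise ValueError("attribute value must be 1..253 bytes")
    return bytes([attr_type, len(value) + 2]) + value

def decode_avps(data):
    # Walk the attribute area, rejecting truncated or zero-length attributes.
    avps, i = [], 0
    while i < len(data):
        if i + 2 > len(data) or data[i + 1] < 2 or i + data[i + 1] > len(data):
            raise ValueError("malformed attribute at offset %d" % i)
        avps.append((data[i], data[i + 2:i + data[i + 1]]))
        i += data[i + 1]
    return avps

def hide_password(password, secret, request_auth):
    """RFC 2865 5.2: XOR 16-byte blocks with MD5(secret + previous hidden block),
    seeded with the Request Authenticator. Obfuscation, not encryption."""
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        block = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ b for p, b in zip(padded[i:i + 16], block))
        hidden += prev
    return hidden

def reveal_password(hidden, secret, request_auth):
    # Server-side inverse: regenerate the keystream and strip the zero padding.
    if len(hidden) % 16 or not 16 <= len(hidden) <= 128:
        raise ValueError("hidden User-Password must be 16..128 bytes")
    clear, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        block = hashlib.md5(secret + prev).digest()
        prev = hidden[i:i + 16]
        clear += bytes(c ^ b for c, b in zip(prev, block))
    return clear.rstrip(b"\x00")

def build_packet(code, identifier, authenticator, attrs):
    length = HEADER_LEN + len(attrs)
    return bytes([code, identifier]) + length.to_bytes(2, "big") + authenticator + attrs

def parse_packet(data):
    # Returns (code, identifier, authenticator, raw attribute bytes).
    if len(data) < HEADER_LEN:
        raise ValueError("packet shorter than RADIUS header")
    length = int.from_bytes(data[2:4], "big")
    if length < HEADER_LEN or length > len(data):
        raise ValueError("bad Length field")  # RFC 2865 says: silently discard
    return data[0], data[1], data[4:20], data[20:length]

def response_authenticator(code, identifier, attrs, request_auth, secret):
    """MD5(Code + ID + Length + RequestAuth + Attributes + Secret), RFC 2865 section 3."""
    length = HEADER_LEN + len(attrs)
    return hashlib.md5(bytes([code, identifier]) + length.to_bytes(2, "big")
                       + request_auth + attrs + secret).digest()

def nas_access_request(username, password, secret, identifier, nas_ip=bytes([192, 0, 2, 1])):
    # NAS side: a fresh, unpredictable Request Authenticator (reuse = keystream reuse).
    request_auth = secrets.token_bytes(16)
    attrs = (encode_avp(USER_NAME, username)
             + encode_avp(USER_PASSWORD, hide_password(password, secret, request_auth))
             + encode_avp(NAS_IP_ADDRESS, nas_ip))
    return build_packet(ACCESS_REQUEST, identifier, request_auth, attrs), request_auth

def server_handle(packet, secret, users):
    # Server side; `users` is a constructed in-memory {name: password} table.
    code, ident, request_auth, raw_attrs = parse_packet(packet)
    if code != ACCESS_REQUEST:
        return None  # accounting and challenges are out of scope here
    attrs = dict(decode_avps(raw_attrs))
    ok = False
    if USER_NAME in attrs and USER_PASSWORD in attrs:
        try:
            given = reveal_password(attrs[USER_PASSWORD], secret, request_auth)
            stored = users.get(attrs[USER_NAME])
            ok = stored is not None and hmac.compare_digest(stored, given)
        except ValueError:
            ok = False
    reply_code = ACCESS_ACCEPT if ok else ACCESS_REJECT
    reply_attrs = b""  # a real server adds e.g. Framed-IP-Address or Reply-Message
    auth = response_authenticator(reply_code, ident, reply_attrs, request_auth, secret)
    return build_packet(reply_code, ident, auth, reply_attrs)

def nas_verify_reply(reply, request_auth, secret, expected_id):
    # NAS side: reply code, or None if the Identifier or Response Authenticator is wrong.
    code, ident, auth, raw_attrs = parse_packet(reply)
    if ident != expected_id:
        return None
    expected = response_authenticator(code, ident, raw_attrs, request_auth, secret)
    if not hmac.compare_digest(auth, expected):
        return None  # wrong shared secret (e.g. a backup server) or a spoofed reply
    return code
```

To exercise it, call `pkt, ra = nas_access_request(b"alice", b"pa55word", SECRET, 7)`, feed `pkt` to `server_handle(pkt, SECRET, {b"alice": b"pa55word"})`, and pass the reply through `nas_verify_reply(reply, ra, SECRET, 7)`, which returns 2 (Access-Accept); hand the same packet to a server configured with a different secret and the verification returns None, which is why a NAS that fails over to a backup with its own secret has to rebuild the request rather than replay it. The Response Authenticator check and the constant-time comparisons are the parts worth copying; the MD5-based password hiding is what the RFC specifies, not a strong cipher, so production deployments protect the UDP traffic with IPsec or RADIUS over TLS.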
