adam's notes

Remote Authentication Dial-In User Service (RADIUS)

Remote Authentication Dial-In User Service (RADIUS) is a AAA protocol used to manage remote and wireless authentication infrastructures.

  • widely used for client device access over VPN
  • wireless access point is configured as a client of the RADIUS server
    • WAP forwards credentials between the RADIUS server and the supplicant without being able to read it
  • each RADIUS client must be configured with:
    • IP address of the RADIUS server
    • same shared secret
      • enables trust
  • often used for network access control over end user devices
  • allows the authenticator and authentication server to communicate authentication and authorization decisions
    • authenticator is a RADIUS client
    • authentication server is a RADIUS server
  • several RADIUS server and client products
  • uses UDP ports 1812 and 1813

Graph View

Backlinks