6.2. RADIUS

The RADIUS protocol was originally developed for use with dial-up networks. While it is still primarily used to authenticate dial-up accounts, it has become a popular tool for authenticating other network devices. This growth makes sense, as many administrators do not like the idea of maintaining one AAA server for routers and switches, and another for dial-in users.

RADIUS runs over UDP on port 1812 and is specified in RFC 2865. The original RADIUS protocol included support for the Point-to-Point Protocol (PPP) and Unix logins; vendors have since incorporated support for other types of logins into their versions of RADIUS.

RADIUS authentication is handled through shared secret keys sent over clear text packets; however, ...
