RADIUS stands for Remote Authentication Dial in User Service. It is a type of networking protocol used within a network service. This type of protocol provides centralized access, authorization, and accounting so that users can connect to that service. However, users have to pass an authentication process for them to be able to connect to the network service.
The authentication process is often referred to as Triple A. Aside from providing access, the authentication process also recognizes the privileges a user can receive. Authentication is reflected in the server’s accounting feature.
RADIUS is widely used in ISPs, access points, integrated e-mail services, network ports, and Web servers. Meanwhile, the networks used in RADIUS use tools like DSL, modem, VPNs, and wireless.
First Two Steps of the Triple A Process
Your access credentials are necessary if you want to access a particular network resource. This is done by sending a request to the Network Access Server (NAS). Once your access credentials are subjected to the NAS device, they are forwarded to the RADIUS server via an Access Request message. The request demands authorization in the RADIUS protocol.
Your access credentials include your username, password, and other security certificates you can provide. The RADIUS server goes through a series of verification processes to determine if the information you provided are authentic. This is done by comparing the given information to a local file database.
You may receive any of the following responses for the request.
- Access Reject
- Access Challenge
- Access Accept
Accounting: Last of the Triple A Process
Whenever you are granted access by the NAS, there is an automatic Accounting Start request sent to the RADIUS server. Once it is done, you can already access the network. Information like your identification, network address, unique session identifier, and point of attachment, is recorded on the Accounting processes.
Accounting is also done regularly to update patterns of active sessions. It records the duration of these sessions and the information used during these sessions. All data are used for statistical purposes and for analysis of network monitoring.