Appendix A AAA Protocols

Overview of RADIUS

In RADIUS, authentication and authorization are coupled. If the RADIUS server finds the username and the password is correct, the RADIUS server returns an access-accept response, including a list of attribute-value pairs that describe the parameters to use for this session. This list of parameters sets the authorization rights for the user.

Typical parameters include:

Service type

Protocol type

IP address to assign the user (static or dynamic)

Access list to apply

A static route to install in the NAD routing table

The configuration information in the RADIUS server defines which parameters to set on the NAD during installation.

 

User Guide for Cisco Secure Access Control System 5.3

A-10

OL-24201-01

Page 580
Image 580
Cisco Systems OL-24201-01 manual