Radius Server - Radius server - RFC 2865

This is Interesting: Free IT Magazines  
Home > Archive > Radius Server > January 2008 > Radius server - RFC 2865





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Radius server - RFC 2865
Pete

2008-01-03, 7:22 pm

Hi,

I am trying to understand how the following attributes are used on the
Radius server. The description in the RFC is not clear on this.

Below is my view :-

NAS-IP-Address
The address provided in the NAS-IP-Address attribute is checked
against a user profile on the radius server. The check being can this
user with the IP Address provided in "NAS-IP-Address", allowed to be
authenticated on this Radius server. Presumably, against the user
profile on the radius server, username, password and the IP address
fields can be configured.

This suggests that the IP address provided in "NAS-IP-Address" does
not have to be the same as the source IP address of our Client, as
long as, the IP address configured for the user on the radius server
is agrees with the value provided in NAS-IP-Address.

NAS-Identifier
This is a string to identify the client. The radius server will use
this string name to look up on a DNS to find the client IP address. As
with the NAS-IP-Address, the IP address returned by the DNS is used to
check if the user is allowed to be authenticated on the Radius server.

Could you please confirm or correct my understanding.

Thank you for your help.

Pete
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com