RADIUS

The subject of security never strays far from the minds of IT workers, for good reason. If there is a network with even just one connection to another network, it needs to be secured. RADIUS, or Remote Authentication Dial-In User Service, is a widely deployed protocol that enables companies to authe...

Bibliographic Details
Main Author: Hassell, Jonathan
Format: eBook
Language: English
Published: Beijing O'Reilly 2002
Edition: 1st ed
Collection: O'Reilly - Collection details see MPG.ReNa
Table of Contents:
  • Table of Contents; Preface; Audience; Organization; Conventions Used in This Book; How to Contact Us; Acknowledgments; An Overview of RADIUS; An Overview of AAA; Authentication; Authorization; Accounting; Key Points About AAA Architecture; The Authorization Framework; Authorization Sequences; Roaming; Distributed Services; Policies; Resource and Session Management; And Now, RADIUS; A Brief History; Properties of RADIUS; Limitations of RADIUS; RADIUS Specifics; Using UDP versus TCP; Packet Formats; Code; Identifier; Length; Authenticator; Packet Types; Access-Request; Access-Accept
  • Framed-Route; Framed-Routing; Idle-Timeout; Login-LAT-Group; Login-LAT-Node; Login-LAT-Port; Login-LAT-Service; Login-IP-Host; Login-Service; Login-TCP-Port; NAS-Identifier; NAS-IP-Address; NAS-Port; NAS-Port-Type; Port-Limit; Proxy-State; Reply-Message; Service-Type; Session-Timeout; State; Terminate-Action; User-Name; User-Password; Vendor-Specific; RADIUS Accounting; Key Points in RADIUS Accounting; Basic Operation; More on Proxying; The Accounting Packet Format; Code; Identifier; Length; Authenticator; Reliability of Accounting; Accounting Packet Types; Accounting-Request
  • Max_request_time; delete_blocked_requests; cleanup_delay; max_requests; bind_address; port; hostname_lookups; allow_core_dumps; regular and extended expressions; log; lower_user and lower_pass; nospace_user and nospace_pass; Configuring the users File; A sample complete entry; DEFAULT entries; Prefixes and suffixes; Using RADIUS callback; Completely denying access to users; Troubleshooting Common Problems; Linking Errors When Starting FreeRADIUS; Incoming Request Passwords Are Gibberish; NAS Machine Ignores a RADIUS Reply; CHAP Authentication Doesn't Work Correctly; Advanced FreeRADIUS
  • Access-Reject; Access-Challenge; Shared Secrets; Attributes and Values; Attributes; Attribute types; Vendor-specific attributes; Values; Dictionaries; Authentication Methods; PAP; CHAP; Selecting PAP, CHAP, or Other Protocols; Realms; RADIUS Hints; Standard RADIUS Attributes; Attribute Properties; Callback-ID; Callback-Number; Called-Station-ID; Calling-Station-ID; CHAP-Challenge; CHAP-Password; Class; Filter-ID; Framed-AppleTalk-Link; Framed-AppleTalk-Network; Framed-AppleTalk-Zone; Framed-Compression; Framed-IP-Address; Framed-IP-Netmask; Framed-IPX-Network; Framed-MTU; Framed-Protocol
  • Accounting-Response; Accounting-specific Attributes; Acct-Status-Type; Acct-Delay-Time; Acct-Input-Octets; Acct-Output-Octets; Acct-Session-ID; Acct-Authentic; Acct-Session-Time; Acct-Input-Packets; Acct-Output-Packets; Acct-Terminate-Cause; Acct-Multi-Session-ID; Acct-Link-Count; Getting Started with FreeRADIUS; Introduction to FreeRADIUS; Installing FreeRADIUS; The clients File; The naslist File; The naspasswd File; The hints File; The huntgroups File; The users File; The radiusd.conf File; Testing the Initial Setup; In-depth Configuration; Configuring radiusd.conf; pidfile; user and group