Skip to main content

Radius Architecture

Introduction

 

image-1661408963698.png

 

Access Reject: The user is unconditionally denied access to all requested network resources. Reasons may include failure to provide proof of identification or an unknown or inactive user account.

Access Challenge: Requests additional information from the user such as a secondary password, PIN, token, or card. Access Challenge is also used in more complex authentication dialogs where a secure tunnel is established between the user machine and the Radius protocolServer (Remotein Authenticationa Dial-Inway Userthat Service)the access credentials are hidden from the NAS.

Access Accept: The user is agranted networkingaccess. protocolOnce the user is authenticated, the RADIUS server will often check that authorizesthe anduser authenticatesis usersauthorized whoto accessuse the network service requested. A given user may be allowed to use a remotecompany's network.

wireless
network,


but not its VPN service, for example. Again, this information may be stored locally on the RADIUS server, or may be looked up in an external source such as LDAP or Active Directory.


https://es.wikipedia.org/wiki/RADIUS