World Library  
  


Download
Add to Book Shelf
Flag as Inappropriate
Email this Book

Ieee 802. 1X Remote Authentication Dial in User Service (Radius) Usage Guidelines

By Congdon, P.

Click here to view

Book Id: WPLBN0000694037
Format Type: PDF eBook:
File Size: 0.1 MB
Reproduction Date: 2005

Title: Ieee 802. 1X Remote Authentication Dial in User Service (Radius) Usage Guidelines  
Author: Congdon, P.
Volume:
Language: English
Subject: Reference Collection, Accounting (Financial Record Keeping), Finance Management
Collections: Technical eBooks and Manuals Collection, Technical eBooks Collection
Historic
Publication Date:
Publisher:

Citation

APA MLA Chicago

Congdon, B. P. (n.d.). Ieee 802. 1X Remote Authentication Dial in User Service (Radius) Usage Guidelines. Retrieved from http://gutenberg.cc/

Description
Technical Reference Publication

Excerpt
Excerpt: In situations where it is desirable to centrally manage authentication, authorization and accounting (AAA) for IEEE 802 networks, deployment of a backend authentication and accounting server is desirable. In such situations, it is expected that IEEE 802.1X Authenticators will function as AAA clients. This document provides suggestions on RADIUS usage by IEEE 802.1X Authenticators. Support for any AAA protocol is optional for IEEE 802.1X Authenticators, and therefore this specification has been incorporated into a non-normative Appendix within the IEEE 802.1X specification.

Table of Contents
Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Terminology. . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Requirements Language. . . . . . . . . . . . . . . . . . 4 2. RADIUS Accounting Attributes . . . . . . . . . . . . . . . . . 5 2.1. Acct-Terminate-Cause . . . . . . . . . . . . . . . . . . 5 2.2. Acct-Multi-Session-Id. . . . . . . . . . . . . . . . . . 6 2.3. Acct-Link-Count. . . . . . . . . . . . . . . . . . . . . 7 3. RADIUS Authentication. . . . . . . . . . . . . . . . . . . . . 7 3.1. User-Name. . . . . . . . . . . . . . . . . . . . . . . . 8 3.2. User-Password, CHAP-Password, CHAP-Challenge . . . . . . 8 3.3. NAS-IP-Address, NAS-IPv6-Address . . . . . . . . . . . . 8 3.4. NAS-Port . . . . . . . . . . . . . . . . . . . . . . . . 8 3.5. Service-Type . . . . . . . . . . . . . . . . . . . . . . 8 3.6. Framed-Protocol. . . . . . . . . . . . . . . . . . . . . 9 3.7. Framed-IP-Address, Framed-IP-Netmask . . . . . . . . . . 9 3.8. Framed-Routing . . . . . . . . . . . . . . . . . . . . . 9 3.9. Filter-ID. . . . . . . . . . . . . . . . . . . . . . . . 9 3.10. Framed-MTU . . . . . . . . . . . . . . . . . . . . . . . 9 3.11. Framed-Compression . . . . . . . . . . . . . . . . . . . 10 3.12. Displayable Messages . . . . . . . . . . . . . . . . . . 10 3.13. Callback-Number, Callback-ID . . . . . . . . . . . . . . 10 3.14. Framed-Route, Framed-IPv6-Route. . . . . . . . . . . . . 11 3.15. State, Class, Proxy-State. . . . . . . . . . . . . . . . 11 3.16. Vendor-Specific. . . . . . . . . . . . . . . . . . . . . 11 3.17. Session-Timeout. . . . . . . . . . . . . . . . . . . . . 11 3.18. Idle-Timeout . . . . . . . . . . . . . . . . . . . . . . 12 3.19. Termination-Action . . . . . . . . . . . . . . . . . . . 12 3.20. Called-Station-Id. . . . . . . . . . . . . . . . . . . . 12 3.21. Calling-Station-Id . . . . . . . . . . . . . . . . . . . 12 3.22. NAS-Identifier . . . . . . . . . . . . . . . . . . . . . 12 3.23. NAS-Port-Type. . . . . . . . . . . . . . . . . . . . . . 12 3.24. Port-Limit . . . . . . . . . . . . . . . . . . . . . . . 13 3.25. Password-Retry . . . . . . . . . . . . . . . . . . . . . 13 3.26. Connect-Info . . . . . . . . . . . . . . . . . . . . . . 13 3.27. EAP-Message. . . . . . . . . . . . . . . . . . . . . . . 13 3.28. Message-Authenticator. . . . . . . . . . . . . . . . . . 13 3.29. NAS-Port-Id. . . . . . . . . . . . . . . . . . . . . . . 13 3.30. Framed-Pool, Framed-IPv6-Pool. . . . . . . . . . . . . . 14 3.31. Tunnel Attributes. . . . . . . . . . . . . . . . . . . . 14 4. RC4 EAPOL-Key Descriptor . . . . . . . . . . . . . . . . . . . 15 5. Security Considerations. . . . . . . . . . . . . . . . . . . . 18 5.1. Packet Modification or Forgery . . . . . . . . . . . . . 18 5.2. Dictionary Attacks . . . . . . . . . . . . . . . . . . . 19 5.3. Known Plaintext Attacks. . . . . . . . . . . . . . . . . 19 5.4. Replay . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.5. Outcome Mismatches . . . . . . . . . . . . . . . . . . . 20

 
 



Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.