Solved

Radius Attribute

Posted on 2013-01-12
7
288 Views
Last Modified: 2013-03-01
Hi,

Can anyone clear explain the role of radius attributes in the authorization process, I'm unsure of what it is the attributes actually do.

Thanks
0
Comment
Question by:simonphoenix10
7 Comments
 
LVL 10

Expert Comment

by:abbright
ID: 38770595
Radius attributes allow the radius server to send additional information to the authenticating device.
For example if you have a user authenticating to a WLAN a radius server can check for certain group memberships and assign a certain VLAN to the user. This VLAN is communicated to the wireless controller / access point via radius attributes.
0
 

Author Comment

by:simonphoenix10
ID: 38798238
Thanks, are you able to explain the process i'm particular interested in if the attributes are generated by the NAS and sent to the Radius server or returned by the radius server to the NAS.
0
 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 38921481
The attributes are usually set on the RADIUS server and sent to the NAS when a client tries to connect.

So for example, you would set a policy on the RADIUS server which assigns privilege level 1 to a user in the ReadOnly group, but assign level 15 to users in the WriteAccess group.  The group will generally be a security group that is assigned to the user's account.  The NAS wouldn't know about this as it just relays the credentials from the client to the RADIUS, then does whatever the RADIUS says.
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 38921483
As specified by the previous expert, the attributes are sent from the RADIUS server to the nas.
0
 

Author Closing Comment

by:simonphoenix10
ID: 38943567
Thanks for the example make it easier if you had a link to PDF or article I would appreciate it
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

761 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question