Solved

Radius Attribute

Posted on 2013-01-12
7
280 Views
Last Modified: 2013-03-01
Hi,

Can anyone clear explain the role of radius attributes in the authorization process, I'm unsure of what it is the attributes actually do.

Thanks
0
Comment
Question by:simonphoenix10
7 Comments
 
LVL 10

Expert Comment

by:abbright
Comment Utility
Radius attributes allow the radius server to send additional information to the authenticating device.
For example if you have a user authenticating to a WLAN a radius server can check for certain group memberships and assign a certain VLAN to the user. This VLAN is communicated to the wireless controller / access point via radius attributes.
0
 

Author Comment

by:simonphoenix10
Comment Utility
Thanks, are you able to explain the process i'm particular interested in if the attributes are generated by the NAS and sent to the Radius server or returned by the radius server to the NAS.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
Comment Utility
The attributes are usually set on the RADIUS server and sent to the NAS when a client tries to connect.

So for example, you would set a policy on the RADIUS server which assigns privilege level 1 to a user in the ReadOnly group, but assign level 15 to users in the WriteAccess group.  The group will generally be a security group that is assigned to the user's account.  The NAS wouldn't know about this as it just relays the credentials from the client to the RADIUS, then does whatever the RADIUS says.
0
 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
As specified by the previous expert, the attributes are sent from the RADIUS server to the nas.
0
 

Author Closing Comment

by:simonphoenix10
Comment Utility
Thanks for the example make it easier if you had a link to PDF or article I would appreciate it
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now