--> AAA works based on two protocols:
i) TACACS+
ii) RADIUS
RADIUS
--> RADIUS uses UDP port 1812 (Authentication) / 1813 (Accounting) for communication.
--> Encrypts only the password.
--> Combines Authentication and Authorization as one process.
--> Used in Network Access.
RADIUS Authentication/Authorization Process
i) The AAA client sends an Access-Request message to the AAA server for authentication/authorization. This message is used for device administration/network access.
ii) The AAA server sends an Access-Accept message to the AAA client for authentication. The AAA server also sends a list of AV pairs (e.g. DACL, dynamic VLAN, SGT).
iii) The AAA server sends an Access-Challenge message to the AAA client to request additional information used for two-factor authentication, such as a second password.
RADIUS Accounting Process:
--> It is similar to TACACS+ and uses two messages:
i) Accounting Request
ii) Accounting Response