Remote Authentication Dial In User Service (RADIUS)
RFC 2138
Document | Type |
RFC - Proposed Standard
(April 1997; No errata)
Obsoleted by RFC 2865
Obsoletes RFC 2058
|
|
---|---|---|---|
Authors | Allan Rubens , Carl Rigney , Steve Willens , William Simpson | ||
Last updated | 2013-03-02 | ||
Stream | IETF | ||
Formats | plain text html pdf htmlized bibtex | ||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 2138 (Proposed Standard) | |
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | (None) | ||
Send notices to | (None) |
Network Working Group C. Rigney Request for Comments: 2138 Livingston Obsoletes: 2058 A. Rubens Category: Standards Track Merit W. Simpson Daydreamer S. Willens Livingston April 1997 Remote Authentication Dial In User Service (RADIUS) Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document describes a protocol for carrying authentication, authorization, and configuration information between a Network Access Server which desires to authenticate its links and a shared Authentication Server. Implementation Note This memo documents the RADIUS protocol. There has been some confusion in the assignment of port numbers for this protocol. The early deployment of RADIUS was done using the erroneously chosen port number 1645, which conflicts with the "datametrics" service. The officially assigned port number for RADIUS is 1812. Table of Contents 1. Introduction .......................................... 3 1.1 Specification of Requirements ................... 4 1.2 Terminology ..................................... 5 2. Operation ............................................. 5 2.1 Challenge/Response .............................. 7 2.2 Interoperation with PAP and CHAP ................ 7 2.3 Why UDP? ........................................ 8 3. Packet Format ......................................... 10 4. Packet Types .......................................... 13 4.1 Access-Request .................................. 13 Rigney, et. al. Standards Track [Page 1] RFC 2138 RADIUS April 1997 4.2 Access-Accept ................................... 14 4.3 Access-Reject ................................... 15 4.4 Access-Challenge ................................ 17 5. Attributes ............................................ 18 5.1 User-Name ....................................... 21 5.2 User-Password ................................... 22 5.3 CHAP-Password ................................... 23 5.4 NAS-IP-Address .................................. 24 5.5 NAS-Port ........................................ 25 5.6 Service-Type .................................... 26 5.7 Framed-Protocol ................................. 28 5.8 Framed-IP-Address ............................... 29 5.9 Framed-IP-Netmask ............................... 29 5.10 Framed-Routing .................................. 30 5.11 Filter-Id ....................................... 31 5.12 Framed-MTU ...................................... 32 5.13 Framed-Compression .............................. 33 5.14 Login-IP-Host ................................... 33 5.15 Login-Service ................................... 34 5.16 Login-TCP-Port .................................. 35 5.17 (unassigned) .................................... 36 5.18 Reply-Message ................................... 36 5.19 Callback-Number ................................. 37 5.20 Callback-Id ..................................... 38 5.21 (unassigned) .................................... 38 5.22 Framed-Route .................................... 39 5.23 Framed-IPX-Network .............................. 40 5.24 State ........................................... 40 5.25 Class ........................................... 41 5.26 Vendor-Specific ................................. 42 5.27 Session-Timeout ................................. 44 5.28 Idle-Timeout .................................... 44 5.29 Termination-Action .............................. 45 5.30 Called-Station-Id ............................... 46 5.31 Calling-Station-Id .............................. 47Show full document text