RADIUS Authentication Client MIB
RFC 2618

Document Type RFC - Proposed Standard (June 1999; No errata)
Obsoleted by RFC 4668
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 2618 (Proposed Standard)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                            B. Aboba
Request for Comments: 2618                                        G. Zorn
Category: Standards Track                                       Microsoft
                                                                June 1999

                    RADIUS Authentication Client MIB

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

Abstract

   This memo defines a set of extensions which instrument RADIUS
   authentication client functions. These extensions represent a portion
   of the Management Information Base (MIB) for use with network
   management protocols in the Internet community.  Using these
   extensions IP-based management stations can manage RADIUS
   authentication clients.

1.  Introduction

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes managed objects used for managing RADIUS
   authentication clients.

   Today a wide range of network devices, including routers and NASes,
   act as RADIUS authentication clients in order to provide
   authentication and authorization services. As a result, the effective
   management of RADIUS authentication clients is of considerable
   importance.

Aboba & Zorn                Standards Track                     [Page 1]
RFC 2618            RADIUS Authentication Client MIB           June 1999

2.  The SNMP Management Framework

   The SNMP Management Framework presently consists of five major
   components:

    o   An overall architecture, described in RFC 2571 [1].

    o   Mechanisms for describing and naming objects and events for the
        purpose of management. The first version of this Structure of
        Management Information (SMI) is called SMIv1 and described in
        STD 16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4].
        The second version, called SMIv2, is described in STD 58, RFC
        2578 [5], RFC 2579 [6] and RFC 2580 [7].

    o   Message protocols for transferring management information. The
        first version of the SNMP message protocol is called SNMPv1 and
        described in STD 15, RFC 1157 [8]. A second version of the
        SNMP message protocol, which is not an Internet standards
        track protocol, is called SNMPv2c and described in RFC 1901
        [9] and RFC 1906 [10].  The third version of the message
        protocol is called SNMPv3 and described in RFC 1906 [10], RFC
        2572 [11] and RFC 2574 [12].

    o   Protocol operations for accessing management information. The
        first set of protocol operations and associated PDU formats is
        described in STD 15, RFC 1157 [8]. A second set of protocol
        operations and associated PDU formats is described in RFC 1905
        [13].

    o   A set of fundamental applications described in RFC 2573 [14] and
        the view-based access control mechanism described in RFC 2575
        [15].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  Objects in the MIB are
   defined using the mechanisms defined in the SMI.

   This memo specifies a MIB module that is compliant to the SMIv2. A
   MIB conforming to the SMIv1 can be produced through the appropriate
   translations. The resulting translated MIB must be semantically
   equivalent, except where objects or events are omitted because no
   translation is possible (use of Counter64). Some machine readable
   information in SMIv2 will be converted into textual descriptions in
   SMIv1 during the translation process. However, this loss of machine
   readable information is not considered to change the semantics of the
   MIB.

Aboba & Zorn                Standards Track                     [Page 2]
RFC 2618            RADIUS Authentication Client MIB           June 1999

3.  Overview

   The RADIUS authentication protocol, described in [16], distinguishes
   between the client function and the server function. In RADIUS
   authentication, clients send Access-Requests, and servers reply with
   Access-Accepts, Access-Rejects, and Access-Challenges.  Typically NAS
   devices implement the client function, and thus would be expected to
   implement the RADIUS authentication client MIB, while RADIUS
Show full document text