- RADIUS (Remote Authentication Dial-In User Service) is a security service for authenticating and authorizing dial-up users. A typical enterprise network may have an access server attached to a modem pool, along with a RADIUS server to provide authentication services. Remote users dial into the access server, and the access server sends authentication requests to the RADIUS server. The RADIUS server authenticates users and authorizes access to internal network resources. Remote users are clients to the access server and the access server is a client to the RADIUS server.
Note
RADIUS is only available in AP mode. - When sending the authentication request to the RADIUS server, the wireless client use the MAC address as the username. This would be received by the RADIUS server in the following format :
- aabbcc-ddeeff
- aabbccddeeff
- aa-bb-cc-dd-ee-ff
- -
- The radius server IP address and TCP port.
- Sets a amount of users which ran access without any valid radius authentifaction
- Sets the property which radius password should be used, the shared key or the mac adress itself
- Transactions between the client and RADIUS accounting server are authenticated through the use of a shared secret, which is never sent over the network.
- If the Radius server becomes unavailable, the radius authentication will be disabled until it becoms reachable again. This allows wireless remote administration of a Access Point in fail scenarios.