RADIUS Server
RADIUS, short for Remote Authentication Dial-In User Service, is an application layer protocol. A RADIUS server is a network device used to authenticate users. With a RADIUS server, we can control who can connect to our network. It is mainly used by internet service providers to manage their customers' Internet access. The RADIUS protocol involves a RADIUS server and RADIUS clients.
The RADIUS server uses a central database to authenticate users. RADIUS works as a client-server protocol that authenticates each user with a unique encryption key when access is granted.
The general working mechanism is as follows:
- It starts when the user sends a request to the server for access.
- The server receives the request and authentication begins. The client can send the request over an HTTPS connection or a VPN.
- For an HTTPS connection, this takes place over the port. For a VPN connection, it takes place via IPSec.
- The server receives the username and password from the user, creates the message and sends it to the RADIUS server.
- The password is encrypted in the access request. The RADIUS server receives the request and checks whether it came from a known server. If not, the request is immediately rejected and the server is prevented from making any further requests.
- If the client server is a known server, the shared secret is checked. The server also looks at the authentication method requested.
- If the authentication method is allowed, the username and password are read from the request. The password is decrypted and the credentials are matched against those in the database.
- After matching, various user information and data are fetched to match the access policy set on the server.
- If everything fits and matches, the response is sent. Otherwise, access is denied.
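The password-handling steps above, as an added example that is not part of the original page: it follows the User-Password hiding scheme of RFC 2865 section 5.2 (MD5 over the shared secret and the Request Authenticator, XORed with the padded password) and the known-client check. The client table, user database, addresses and function names are constructed for illustration; RFC 2865 silently discards requests from unknown clients, which the sketch reports as "discard".

```python
import hashlib
import hmac
import os

# Constructed sample data (assumptions, not from the page).
KNOWN_CLIENTS = {"192.0.2.10": b"example-shared-secret"}   # client IP -> shared secret
USER_DB = {"alice": b"correct horse"}                        # username -> password

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def hide_password(password, secret, authenticator):
    """Client side: RFC 2865 section 5.2 User-Password hiding."""
    padded = password.ljust(max(16, (len(password) + 15) // 16 * 16), b"\x00")
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        block = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out += block
        prev = block                          # next block chains on this ciphertext
    return out

def recover_password(hidden, secret, authenticator):
    """Server side: reverse the hiding with the same shared secret."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        out += _xor(block, hashlib.md5(secret + prev).digest())
        prev = block
    return out.rstrip(b"\x00")

def handle_access_request(src_ip, username, hidden, authenticator):
    """Return 'Access-Accept', 'Access-Reject' or 'discard' (unknown client)."""
    secret = KNOWN_CLIENTS.get(src_ip)
    if secret is None:
        return "discard"                      # request did not come from a known client
    if len(hidden) == 0 or len(hidden) % 16 or len(hidden) > 128:
        return "Access-Reject"                # malformed User-Password attribute
    candidate = recover_password(hidden, secret, authenticator)
    expected = USER_DB.get(username)
    if expected is not None and hmac.compare_digest(candidate, expected):
        return "Access-Accept"
    return "Access-Reject"

def demo():
    ra = os.urandom(16)                       # Request Authenticator, fresh per request
    good = hide_password(b"correct horse", b"example-shared-secret", ra)
    bad_secret = hide_password(b"correct horse", b"wrong-secret", ra)
    return [handle_access_request(ip, "alice", h, ra) for ip, h in
            (("192.0.2.10", good), ("192.0.2.10", bad_secret), ("198.51.100.7", good))]
```

A client configured with the wrong shared secret produces a password the server cannot recover, so the second request in `demo()` is rejected even though the user typed the right password.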
RADIUS Server Configurations on Cisco Packet Tracer:
- RADIUS server IP configuration
- RADIUS Server-AAA
- Wireless Router Settings