This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

RSA® Authentication Manager Documentation

Browse the official RSA Authentication Manager documentation for helpful tutorials, step-by-step instructions, and other valuable resources.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Versions
Collections
All Downloads

Table of Contents

Product Resources

RSA RADIUS Authentication Process

In a RADIUS-protected network, the authentication process works as follows.

In a RADIUS-protected network, the authentication process works as follows:

  1. The user provides authentication information to a RADIUS client.

  2. The RADIUS client sends an “Access-Request” to server, which could include the following:

    • User ID

    • User password (encrypted)

    • Client ID

    • Port ID

  3. RSA RADIUS validates the client using a shared secret. If no secret exists, the request is ignored.

  4. RSA RADIUS checks requirements that must be met for the user to access the resource. The requirements are known as RADIUS attributes and may include the following:

    • Password

    • Clients through which the user can access a resource

    • Ports on which the user can access

  5. RSA RADIUS forwards the request to Authentication Manager.

  6. Authentication Manager allows or denies the request.

  7. RSA RADIUS sends one of three responses:

    • Access-Accept. RSA RADIUS allows access and returns a set of RADIUS attributes to the client.

    • Access-Challenge. RSA RADIUS issues a challenge to which the user must respond, for example, with a passcode.

    • Access-Reject. The conditions are not met so access is denied.

RADIUS clients control user access at the network perimeter. RADIUS clients, which can be VPN servers, wireless access points, or Network Access Servers connected to dial-in modems, interact with RSA RADIUS for user authentication and to establish appropriate access control parameters. When authentication succeeds, RSA RADIUS returns a set of attributes to RADIUS clients for session control.

The following figure shows how an RSA RADIUS server runs as a service on an Authentication Manager instance. The RADIUS service handles the requests from the clients and communicates with the Authentication Manager, which processes the authentications and grants or denies access to the user.

radiusSystem_637x371.png

 

 

 

 

 

Previous Topic:RSA RADIUS Overview
You are here
Table of Contents > RADIUS > RSA RADIUS Authentication Process
Labels (2)
0 Likes
Was this article helpful? Yes No
No ratings
© 2023 RSA Security LLC or its affiliates. All rights reserved.