An Acronym for Remote Authentication Dial In User Service.

RADIUS is an authentication, authorization and accounting protocol for terminals on a network, designed by a company called Livingston. A RADIUS server provides a central database for authentication that the remote end of your connection to an ISP can query to verify your credentials. This allows the account information to be maintained in a centralized resource and even be shared among ISPs if they share customers or resell one another's services. Terminals share a secret with the RADIUS server so that not just anyone can go checking passwords against it.

Implementations:

Linux::

• FreeRADIUS project - Provides pam_radius_auth, a PAM module that lets a Linux system authenticate users against a RADIUS server.
• http://www.aradial.com - A Linux and Windows RADIUS implementation to authenticate and account users against a RADIUS server.

Cisco:

Cisco gear talks RADIUS.

Please note the by default, Cisco uses the following ports by default

• 1645 for Authentication.
• 1646 for Accounting.

To operate with FreeRADIUS, you will need to change the ports and since FreeRADIUS use the standards compliance ports, it's best to change the ports on the Cisco device.

• 1812 for Authentication.
• 1813 for Accounting.

MicrosoftWindows 2000:

The Internet Authentication Service provides RADIUS services.

See also:

• RFC:2138, the RADIUS Protocol specification
• RFC:2139, the accounting extensions specification
• TACACS