RADIUS System Components

Like many protocols, RADIUS uses a client-server model. A RADIUS client (also called a Network Access Server, or NAS) sends requests to a RADIUS server. The RADIUS server then processes the request and sends back a response.

Common NAS products include wireless access points such as the Linksys WRT54G and dial-up equipment commonly available from large network manufacturers. Common RADIUS server products include Cisco ISE, Microsoft NPS, Steel Belted RADIUS, Open Systems Radiator, and FreeRADIUS.

While the RADIUS protocol shares the general concept of client-server communication with many other protocols such as HTTP and SMTP, the specifics of RADIUS communications differ. The following sections describe the RADIUS system in more detail, including the roles of the NAS, the server, and databases such as MySQL and Lightweight Directory Access Protocol (LDAP).

Table 1. RADIUS components and their descriptions.
Component Name	Functions	Examples
User/Device	Requests access to the network.	Laptop
		Asymmetric Digital Subscriber Line (ADSL) Modem
		VOIP Phone
Network Access Server (NAS)	Provides access to the network for the user/device.	Switch
		Wireless Access Point
		DSLAM
		VPN Terminator
RADIUS Server	Receives authentication requests from the NAS. Returns authorization information to the NAS. Optionally requests user and configuration information from the database or directory. May return configuration parameters to the NAS. Receives accounting information from the NAS.	FreeRADIUS
		Radiator
		ISE
		NPS
databases	System which stores user credentials, accounting information, etc.	SQL Database
		Kerberos Service Server
		LDAP Directory