RADIUS in Network Security

In this article I describe RADIUS in network security. RADIUS is acronym for Remote Authentication Dial In User Service. It is necessary to know about some network security basic concepts along with management of networking devices. We know there are a lots of threats available on internet. Similarly for any network there are many ways to effect the network from virus and hackers. If your network is connected with internet, it is not safe.

There are many types of vulnerability in a network connected with internet. Hackers from all over the world always try to get information from any network. You can safe your network from these attacks by understanding some network security basic concepts. Now a lots of devices transfers data over the internet over wired, wireless and cellular networks.

Network security protects the devices from unauthorized access and malfunction activities. Malfunction activities can modify or destroy the data. The major cause of data theft is frequently use of internet from mobile and computers. We share personal data on social sites and do financial transaction on internet. The data shared on internet is always on risk from hackers and attackers. To keep safe the data from unauthorized access network security is necessary. We can prevent the attacks on our devices by aware about network security basic concepts.

You may also like to read --  IPv6 Privacy Extensions

Network security is necessary to protect the own networking devices and clients from unauthorized access, destruction and malfunction etc. Internet is the main resource of security threats. We manage the network for protection from these threats. We can say network security is all about to protect our internet connected computers from virus and hackers. You can manage our network security by using some firewalls, router etc. We allow unauthorized access to unknown persons by compromising own network security.

RADIUS is a network protocol provide secure remote connection of network devices. RADIUS was initially launched by IETF in 1991. The purpose of RADIUS in network security is to authenticate and authorize user access to a remote network. RADIUS works on client server architecture which allow remote access or network devices with a central server.

RADIUS in Network Security, ccna, ccna tutorials

RADIUS works on UDP network protocol. RADIUS provide security for unauthorized access with a combination of authentication and authorization with a single process.  Firstly the authentication is required the user authorized for network services. In server client architecture for RADIUS the clients are networking devices like switch and routers. The server role is done by RADIUS software which supports UNIX and Windows operating system.

You may also like to read --  TACACS in network security

Function of RADIUS in Network Security

Firstly the authentication process takes place in which username and password required by the user. The input username and password sent to the RADIUS server. The password sent in encrypted format to the RADIUS server. On receiving the username and password RADIUS can react with any one of ACCEPT, REJECT, CHALLENGE OR CHANGE PASSWORD. ACCEPT means the user is successfully authenticated and authorize to access the client. REJECT means the username and password are not correct. CHALLENGE means some additional information may be required to access the RADIUS server.

Configuration of RADIUS in network security

First thing we need to configure RADIUS service in router is to enable the AAA service. AAA service is known as Authentication Authorization and Accounting. Run aaa new-model command in global configuration mode see below command window.

 Router>enable
 Router#config t
 Router(config)#aaa ?
 accounting Accounting configurations parameters.
 authentication Authentication configurations parameters.
 authorization Authorization configurations parameters.
 new-model Enable NEW access control commands and functions.(Disables
 OLD commands.)
 Router(config)#aaa new-model
 Router(config)#do wr
 Building configuration...
 [OK] 

This command allow local authentication to all interfaces and lines of router. Now configure a local username and password by running the below commands. Local user authentication is required to access the router in case of failure from external authentication. For example I set username is admin and password is root.

 Router(config)#username admin password root
 Router(config)#do wr
 Building configuration...
 [OK] 

Now configure the RADIUS server and key by running the below commands. Here server name is radiuslogin and key is secureloginkey.

 
 Router(config)#radius server radiuslogin
 Router(config-radius-server)#address ipv4 10.10.10.1
 Router(config-radius-server)#key secureloginkey
 Router(config-radius-server)#exit
 Router(config)#do wr
 Building configuration...
 [OK] 

Configuration of RADIUS server completed by running above commands. Now we need to add this newly created RADIUS server to AAA group of any name. Run the below commands to allow RADIUS group .

 Router(config)#aaa authentication login testradiusgroup group radius local 

After running above all commands you successfully configured the RADIUS in router.

You may also like to read --  Role and function of endpoints.

I hope you understood the purpose and configuration of RADIUS. For any query or suggestion you may contact us or drop a comment in the below comment form. Share this article if you found this helpful. Your suggestions are always welcome by us.

Share this article in your social circle :)
,

Leave a Reply

Your email address will not be published. Required fields are marked *