RFC 2882 (rfc2882) - Page 2 of 16
Network Access Servers Requirements: Extended RADIUS Practices
Alternative Format: Original Text Document
RFC 2882 Extended RADIUS Practices July 2000 5.2 Authentication Modes . . . . . . . . . . . . . . . . . . . 8 5.3 Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 5.4 Pseudo Users . . . . . . . . . . . . . . . . . . . . . . . 9 6. Resource Management . . . . . . . . . . . . . . . . . . . . 9 6.1 Managed Resources . . . . . . . . . . . . . . . . . . . . . 9 6.2 Resource Management Messages . . . . . . . . . . . . . . . 10 6.3 Concurrent Logins . . . . . . . . . . . . . . . . . . . . . 10 6.4 Authorization Changes . . . . . . . . . . . . . . . . . . . 11 7. Policy Services . . . . . . . . . . . . . . . . . . . . . . 11 8. Accounting Extensions . . . . . . . . . . . . . . . . . . . 12 8.1 Auditing/Activity . . . . . . . . . . . . . . . . . . . . . 12 9. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . 12 10. Security Considerations . . . . . . . . . . . . . . . . . . 13 11. Implementation Documents . . . . . . . . . . . . . . . . . 13 11.1. Clients . . . . . . . . . . . . . . . . . . . . . . . . . 13 11.2. Servers . . . . . . . . . . . . . . . . . . . . . . . . . 14 12. References . . . . . . . . . . . . . . . . . . . . . . . . 14 13. Author's Address . . . . . . . . . . . . . . . . . . . . . 15 14. Full Copyright Statement . . . . . . . . . . . . . . . . . 16 1. Introduction The RADIUS Working Group was formed in 1995 to document the protocol of the same name, and was chartered to stay within a set of bounds for dial-in terminal servers. Unfortunately the real world of Network Access Servers (NASes) hasn't stayed that small and simple, and continues to evolve at an amazing rate. This document shows some of the current implementations on the market have already outstripped the capabilities of the RADIUS protocol. A quite a few features have been developed completely outside the protocol. These features use the RADIUS protocol structure and format, but employ operations and semantics well beyond the RFC documents. I learn of the details of these functions from reading industry manuals and often have to respond to them in competive bid specifications. As they become deployed in the field, they gather the force of de-facto standards. Because they have been done outside scope of the RFCs, they are vendor specific, and introduce significant problems in offering an interoperable product. Mitton Informational
