Sunday 9 August 2015

Radius Access-Challenge


If radius server wants to send a challenge to user, then it sends Access-Challenge packet to radius client. Following figure shows frame format for Access-Challenge packet.
Access-Challenge packet may contain one or more Reply-Message. Reply-Message attribute indicates text, which may be displayed to the user.

Access-Challenge packet can contain following attributes.
Attribute
Description
Reply-Message
It indicates text, which may be displayed to the user.
State
Can has single state attribute. This Attribute is available to be sent by the server to the client in an Access-Challenge and MUST be sent unmodified from the client to the server in the new Access-Request reply to that challenge, if any.
Vendor-Specific
This Attribute is available to allow vendors to support their own extended Attributes not suitable for general usage.  It MUST not affect the operation of the RADIUS protocol.
Idle-Timeout
This Attribute sets the maximum number of consecutive seconds of idle connection allowed to the user before termination of the session or prompt.
Session-Timeout
This Attribute sets the maximum number of seconds of service to be provided to the user before termination of the session or prompt.
Proxy-State
This Attribute is available to be sent by a proxy server to another server when forwarding an Access-Request and MUST be returned unmodified in the Access-Accept, Access-Reject or Access-Challenge.



Prevoius                                                 Next                                                 Home

No comments:

Post a Comment