Name
CHAP-Challenge
Synopsis
|
Attribute Number |
60 |
|
Length |
7 or more octets |
|
Value |
STRING |
|
Allowed in |
Access-Request |
|
Prohibited in |
Access-Accept, Access-Reject, Access-Challenge |
|
Presence in Packet |
Not required |
|
Maximum Iterations |
1 |
If a CHAP transaction is involved—in other words, if CHAP
responses are requested from or required by the RADIUS
client—then
the original CHAP challenge is
placed in the value field of this attribute. The CHAP request is then
sent to another server, which attempts to authenticate the request
based on the CHAP-Challenge value. Normally, these
values are around 16 bytes, which allows the RADIUS client the option
of using the value in this attribute as the request authenticator.
The large allowable size of the value makes the attribute secure
enough to allow this.
Get RADIUS now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
