Chapter 17. RADIUS Service

In This Chapter

  • Introduction to RADIUS

  • Planning RADIUS services

  • RADIUS setup and configuration

  • Managing and monitoring RADIUS

RADIUS enables organizations to centrally secure access to network services, including wireless networks and VPNs.

Originally designed as an AAA (Authorization, Authentication, and Accounting) server for authenticating, authorizing, and accounting dial-up users, the RADIUS protocol is used in Snow Leopard Server to manage user access to both external AirPort base stations and the VPN service by using the account information stored in Open Directory.

Supporting RADIUS allows AirPort base stations to tie into third-party authentication systems that use the RADIUS standard; these were originally managed as stand-alone authentication servers but are now more commonly tied into an organization's LDAP directory server infrastructure, such as Microsoft's Active Directory.

Apple's RADIUS implementation leverages the freeRADIUS open-source package. Mac OS X Server integrates the software to use Open Directory for its authentication.

Apple provides RADIUS support in Mac OS X Server almost exclusively to manage users of AirPort base stations, but because it's based on familiar open-source software, it can also be adapted to act as the authentication server for other devices that support RADIUS, such as an external VPN concentrator, a network switch supporting the 802.1X protocol for authenticating wired port access, or other types of Network Access ...

Get Snow Leopard™ Server now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.