Policy Server Guides › Policy Server Configuration Guide › Using the Policy Server as a RADIUS Server › The RADIUS Client/Server Architecture

The RADIUS Client/Server Architecture

RADIUS is designed to simplify security by separating the communication technology provided by a NAS device from the security technology provided by the authentication server. RADIUS security protects remote access to networks and network services using a distributed client/server architecture. The Policy Server is the RADIUS server. The RADIUS client is the NAS device.

A NAS device performs one of the following:

• Supports dial-in protocols, such as SLIP or PPP, authenticates users by using the RADIUS authentication server, and routes the user onto the network; or
• Supports direct connections to the network through a firewall, authenticates users by using the RADIUS authentication server, and grants network access.

The Policy Server can serve as the RADIUS authentication server when configured as described in this chapter. As the RADIUS server, the Policy Server authenticates RADIUS users using a RADIUS authentication scheme and a pre-defined user directory.

Note: To use RADIUS accounting, you must configure a separate RADIUS accounting server. The Policy Server will satisfy the NAS device by sending the ACK response to the accounting server. However, you can log accounting information to files.