Go to main content
1/18
Contents
Title and Copyright Information
Preface
Audience
Downloading Oracle Communications Documentation
Documentation Accessibility
Document Revision History
1
Understanding RADIUS Manager
About the RADIUS Protocol
What You Can Do with RADIUS Manager
How RADIUS Manager Works
RADIUS Manager Features and Functionality
How RADIUS Manager Performs Authentication and Authorization
How RADIUS Manager Performs Accounting
Customizing RADIUS Manager Opcodes
2
Installing RADIUS Manager
System Requirements
Software Requirements
Installing RADIUS Manager
What's Next?
Uninstalling RADIUS Manager
3
Configuring RADIUS Manager
Planning Checklist for RADIUS Implementations
Overview of RADIUS Manager Configuration Tasks
Connecting RADIUS Manager to BRM
Connecting the RADIUS Manager Client to BRM
Configuring RADIUS Implementations
Setting the IP Port Numbers
Setting the Log Level for Application Errors
Enabling the Debug Option
Selecting the Data Dictionary
Selecting a Data Dictionary When Using Different NAS Vendors
Defining the Process ID of the RADIUS Server
Configuring the stop_radius Script
Setting the Number of Threads and the Queue Size for Scalability
Setting the Number of Threads
Adjusting the Queue Size
Defining the RADIUS Client List
Defining the Secret
Setting Limits on the Number of Processes
Setting the Return Attributes
Defining Configuration Macros
Including Configuration Macros
Retrieving Performance Statistics
Configuring IP Service for an Account
Sample Configuration File
Starting and Stopping the RADIUS Daemon
Reconfiguring Your RADIUS Server without Stopping Operation
About the pin_radiusd_sig Utility
What's Next?
4
Customizing the RADIUS Data Dictionary
About the Data Dictionary
Defining the Data Dictionary
Editing the Data Dictionary
Adding Vendor Specific Attributes to the Data Dictionary
Adding the Vendor Code Size to Your Data Dictionary
Using the struct Data Type in a VSA
Limitations to Using the Struct Data Type in a VSA
5
Understanding RADIUS Manager Modules
Introduction to Modules
About Module Types
About Module Master Classes
About Module Worker Classes
Understanding External Communication and Support Module Types
About External Communication Modules
About Support Modules
About Module Chains
How RADIUS Requests Are Processed Using check and send Requests
About the check Element
About the send Element
6
Using the Authentication and Authorization Modules
Authentication Concepts
About Local and Remote Authentication Requests
About Cascading Authentication
About Configuring Modules for Cascading Authentication
Managing Cascading Authentication Requests with the Class Attribute
Using the BRM Authentication and Accounting Module
How the BRM Authentication Module Processes Requests
Configuring Global Settings for the BRM Authentication Module
Specifying the Time Zone
Specifying How Accounting-On Events Are Handled after a NAS Failure
Specifying the Network Name
Specifying the Domain Name Separators
Example of mod_pin global Settings
Configuring Instances of the BRM Authentication Module
Specifying How RADIUS Requests Are Processed
Allowing a Request to Be Searched by Multiple Databases
Tracking Access Requests in BRM but Using Another Database for Authentication
Authenticating against a Fixed Login String
Recording the User Login for Audit Purposes
Routing and Tracking Service Requests by Subtype
Sample Code Showing How the BRM Authentication Module Processes Requests
Authenticating Access Requests Using Plain Text
How the Plain Text Authentication Module Processes Requests
Configuring the Plain Text Authentication Module
Defining the List of User Names and Passwords
Specifying How the Plain Text Authentication Module Processes Requests
Allowing Requests to Be Searched by Multiple Databases
Example Settings for mod_text
Using Password Authentication Module
How Passwords Are Used for Authentication
Configuring Password Authentication
Specifying How RADIUS Requests Are Processed
Allowing Requests to Be Searched by Multiple Databases
Example Settings for the mod_unixpwd
Using the Proxy Module to Forward Incoming Requests to an External RADIUS Server
How the Proxy Module Forwards Requests to Another Server
Configuring Global Settings for the Proxy Module
Specifying a Name for the Destination Server
Specifying the IP Address of the Destination Server
Specifying the Authorization and Accounting Ports
Setting the RADIUS Secret
Specifying the Number of Seconds till Time Out
Example of Global Settings for mod_proxy
Configuring Instances of the Proxy Module
Specifying How to Process RADIUS Requests
Allowing Requests to Be Searched by Multiple Databases
Allowing Failed Requests to Be Forwarded
Using a Non-BRM Database for Authentication
Specifying the Destination for Forwarded Requests
Sample Code for Forwarding Requests with mod_proxy
Selectively Responding to RADIUS Requests with the null Module
Configuring mod_null
Specifying How to Process RADIUS Requests
Defining the Action to Take for Matching Requests
Example Showing Settings for an Instance of mod_null
Sample Code Showing How mod_null Processes Requests
7
Logging RADIUS Requests
Logging Requests to Text Files
Using mod_logging
Configuring mod_logging
Checking Requests
Masking Attributes
Specifying the Destination File
Examples Using mod_logging
Creating Custom CDR Log Files
Scenarios for Creating Custom CDR Log Files
Checklist of Customization Considerations for mod_cdr
Configuring mod_cdr
Logging Different Types of RADIUS Messages
Specifying the Attribute Order
Defining Field and Record Delimiters
Specifying Delimiters for String Literals
Defining Blank Fields
Including Special Characters
Using cleartext or Encoded Password Entries
Pre-appending the RADIUS Request Type
Setting Limits on the Number of Records and Log Files
Configuring the Destination for Log Files
Default Configuration for the Destination File
Basic Customization of the Dest Field
Adding a Numeric Counter to the dest Field
Adding the NAS Option to the dest Field
Adding Time-Based Rotation Schemes to the dest Field
Guidelines for Setting Up Rotation Schemes
Managing Current Files
Managing Archive and Backup Files
8
Transforming Attribute Values
How the Transformation Module Works
Configuring the Transformation Module
Matching Attribute-Value Pairs in a Request
Transforming Attributes
Appending Values to Attributes
Copying Attribute Values
Example Using the Transformation Module
9
Managing Requests for Wholesale Accounts
About the Wholesale Module
Specifying the Realm Attributes and Options
Example
10
Creating Custom Modules
About Creating Custom Modules
Checklist for Creating Custom Modules
Modifying the Definitions File
Adding Functionality to a Custom Module
About the C++ API Interface to RADIUS Modules
Support Header Files
About the Module Class Model
About Configuring Modules
About the Module Master
Methods Defined in Derived Classes for the Master Module
About Worker Modules
Methods Defined in Derived Classes for Worker Modules
Instantiating Module Masters
Sample Code for a Custom Module
Adding a New Module to the RADIUS Configuration File
Starting and Stopping the RADIUS Daemon
11
Managing Large Volume Uploads and Downloads
How mod_unit Module Works
Setting the Scaling Unit for mod_unit
Changing Rate Plans to Use Scale Unit as the Unit for Rating
Configuring mod_unit
12
Using a Virtual Private Dialup Network (VPDN)
About Using a Virtual Private Dialup Network
About Firewalls and Tunnels
Tunneling Protocols
Overview of the VPDN Model
About VPDN Implementation Models
Implementing the User Model
User Model Example
Using Multiple Network Access Servers with the User Model
Handling VPDN Requests with the User Model
Example Using the /service/vpdn Storable Object
Example Using the /service/ip Storable Object
Returning VPDN Attributes to the NAS
Setting VPDN Attributes during Account Creation
Configuring VPDN Service for an Account
Implementing the Organization Model
Organization Model Example
Handling VPDN Requests with the Organization Model
Example Combining the User and Organization Models
13
Setting Up iPass Roaming
About iPass Roaming
iPass Checklist
Identifying and Forwarding Requests
Configuring mod_proxy
Recording Locally Serviced iPass Sessions
Handling Remote Authentication Requests
Handling Online and Batch Requests
Online Accounting
Batch Accounting
Logging Accounting Packets for Batch Accounting
Logging Accounting Packets for Online Accounting
iPass Call Detail Record File Definition
Example RADIUS Configuration File for iPass
Using the pin_ipass_loader Utility for Batch Accounting
Running pin_ipass_loader
Error Handling
14
Testing a RADIUS Configuration
About the rad_tester Utility
Configuring rad_tester
Configuring the Accounting and Authentication Ports
Defining the Client in the RADIUS Configuration File
Creating Input Packets
Simulating Multiple Users
Running rad_tester
Sample Authentication Request
Sample Start Accounting Request
Sample Stop Accounting Request
Sample Interim Accounting Request
Sending Input Packets to the RADIUS Server
About the Account Request Utility
Sending an Accounting-Off Request
Listing All Open Sessions
15
RADIUS Manager Utilities
pin_ipass_loader
pin_radiusd_sig
pin_term_acct
rad_tester
Scripting on this page enhances content navigation, but does not change the content in any way.