RADIUS is based on a client-server model. The RADIUS server provides the user authentication data and can grant or deny access, and the clients send user data to the server and receive an accept or deny response. In the RADIUS client-server model, the client sends an Access-Request query to the RADIUS server. When the server receives an Access-Request message from a client, it searches the database for that user's authentication information. If the user's information is not found, the server sends an Access-Reject message and the user is denied access to the requested service. If the user's information is found, the server responds with an Access- Accept message. The Access-Accept message confirms the user's authentication data and grants the user access to the requested service.
All transactions between the RADIUS client and server are authenticated by the use of specific text string password known as a shared secret. The client and server must each know the secret because it is never passed over the network. You must know the shared secret to configure RADIUS authentication for ILOM.
To use RADIUS authentication with ILOM, you must configure ILOM as a RADIUS client.