2.10 RADIUS-Diameter IWF for Authentication

The RADIUS-Diameter Interworking (R-D IWF) for Authentication feature provides message conversion and interworking between a RADIUS based client (server) and a Diameter based server (client). An example is shown below where RADIUS authentication and accounting is used by a WLAN AP, but the AAA server is Diameter based.

Figure 2-41 RADIUS-Diameter IWF for WLAN Authentication


RADIUS-Diameter IWF for WLAN Authentication

The Figure below shows a generic case for deployment of a mated pair of DSRs with RSR and/or R-D IWF capability. This figure shows the case where a single pair of DSR IWFs is serving a many-to-many relationship between RADIUS and Diameter networks. The blue lines in the figure depict RADIUS connections and the redlines depict Diameter connections/connection sets. The following routing options are supported:

  • RADIUS net to same RADIUS net.
  • RADIUS net to different RADIUS net.
  • RADIUS net to Diameter net.
  • Diameter net to same Diameter net.
  • Diameter net to different Diameter net.
  • Diameter net to RADIUS net.

Figure 2-42 RSR and R-D IWF Deployment


RSR and R-D IWF Deploymen

As shown in the above figure, Diameter transport is planned for the ‘c-links’ between DSR mates, even forRADIUS messages. This is possible because RADIUS messages are encapsulated within a Diameter shell forinternal routing within a DSR.

Figure 2-43 RADIUS-Diameter IWF for Authentication


RADIUS-Diameter IWF for Authentication

Supported mappings include:

  • RADIUS Access-Request - Diameter DER.
  • Diameter DEA - RADIUS Access-Challenge.
  • Diameter DEA - RADIUS Access-Accept.
  • Diameter DEA - RADIUS Access-Reject.