RADIUS
(Only added the "AAA" string) |
Cboulanger (Talk | contribs) (Added a backlink to the radius authorization information) |
||
Line 32: | Line 32: | ||
*[[Web_Portal_Tutorial_Guide_v2.7#RADIUS Authorization/Authentication|Toolpack v2.7: RADIUS configuration]] | *[[Web_Portal_Tutorial_Guide_v2.7#RADIUS Authorization/Authentication|Toolpack v2.7: RADIUS configuration]] | ||
+ | |||
+ | == Authorization == | ||
+ | |||
+ | If a Radius authorization server is configured, the call authorization is done externally (using the Radius protocol). The acceptance or refusal of the call is then returned into a routing script for further processing. Refer to [[Routing_script_tutorial:Mini_Development_Guide#Authorization | Radius authorization ]] for more details. | ||
== Toolpack to RADIUS CDR attributes remapping == | == Toolpack to RADIUS CDR attributes remapping == |
Revision as of 11:14, 21 August 2013
Remote Authentication Dial In User Service, more popularly known as RADIUS, is used by telecom service providers for the purpose of authenticating, authorizing, and accounting (AAA) for the use of services by subscribers. A RADIUS server is an application server that provides this functionality. It can take as input as well as output Call detail record (CDR) data.
Contents |
TelcoBridges and RADIUS
Starting with release v2.3 of Toolpack, explicit support for the accounting function of RADIUS is now offered. Previously, Toolpack stored Call detail record (CDR) data in a local database. Starting with Toolpack v2.3, CDR data is stored on a dedicated, external server running an implementation of the RADIUS standard. Configuration of the location of the RADIUS server is performed through the Toolpack web portal.
Starting with release v2.6 of Toolpack, multiple RADIUS servers can now be configured for backup purposes.
Starting with release v2.7 of Toolpack, calls can now be validated through a RADIUS server with authentication and authorization. The RADIUS server may also change routing parameters for calls.
Prerequisites
In order to enable RADIUS functionality in Toolpack, you must have a RADIUS server already up and running. It is highly recommended that the RADIUS server software being running on a separate machine from the one running the Toolpack software. Before configuring Toolpack, you will need the IP address of the RADIUS server(s). You will need to specify a ‘secret key’ which will authenticate the Toolpack server so that it can send accounting, authentication and authorization data and to the RADIUS server and the RADIUS server will accept it.
Configuration
Accounting
- Toolpack v2.7: RADIUS configuration
- Toolpack v2.6: RADIUS configuration
- Toolpack v2.5: RADIUS configuration
- Toolpack v2.4: RADIUS configuration
- Toolpack v2.3: RADIUS configuration
Authorization/Authentication
Authorization
If a Radius authorization server is configured, the call authorization is done externally (using the Radius protocol). The acceptance or refusal of the call is then returned into a routing script for further processing. Refer to Radius authorization for more details.
Toolpack to RADIUS CDR attributes remapping
When Toolpack sends Access-Request messages to a RADIUS server, some specific attributes are included in the message. These attributes have been improved through Toolpack releases to better meet accounting services requirements.
- Toolpack v2.7: RADIUS CDR attributes
- Toolpack v2.6: RADIUS CDR attributes
- Toolpack v2.5 and earlier: RADIUS CDR attributes
Dealing with incoherent CDR entries
In some situations (during HA switchover for example), some CDR entries may be lost.
The following guide lines provide information on how to deal with these corner cases: