Using RADIUS for Authentication

Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting for SonicWall security appliances and SonicWave appliances, allowing them to authenticate users attempting to access the network. The RADIUS server contains a database with user information and checks a user’s credentials using authentication schemes such as Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), Microsoft CHAP (MS-CHAP), or MS-CHAPv2. See Using RADIUS for authentication. For SonicWave appliances providing RADIUS authentication, see SonicOS 7.1 SSL VPN Administration Guide.

While RADIUS is very different from LDAP, primarily providing secure authentication, it can also supply numerous attributes for each entry. These attributes include several that can be used to convey user group memberships. RADIUS can store information for thousands of users and is a good choice for user authentication purposes when many users need access to the network.