1. Home
  2. Mobile devices
  3. Mobile vpn. delivering advanced services in next generation wireless systems

RADIUS for Authentication

RADIUS for Authentication

The usage of RADIUS for network access authentication follows the common practice in the remote access servers industry. However, a few remarks are in order. It has become common practice to include the MSIDSN of the MS in the CALLING-STATION-ID attribute, and the value of the APN in the CALLED STATION-ID attribute.

The use of ACCESS-CHALLENGE message has some limitations. If the PPP PDP type is used, this message can be used in a normal manner. However, when the message is received for an APN in IP with Protocol Configuration Options access mode (see Chapter 6), then it is not possible for the system to challenge the MS and for the MS to return a challenge response. Therefore, the message is interpreted as an Access Reject. To avoid undesirable disconnection events, it may be wise not to enable the AAA server to issue challenge messages.

When using RADIUS authentication in a 3GPP system, you should consult the 3GPP specification [TS29.061] to gather information on how to best configure and use RADIUS authentication in GPRS/UMTS. The specification is extremely helpful for using the RADIUS authentication features appropriately.



BackCover
Mobile VPN--Delivering Advanced Services in Next Generation Wireless Systems
Foreword
Preface
Part I: Wireless Data Fundamentals
Part II: MVPN and Advanced Wireless Data Services
Appendix A: Mobile IP Extensions
Appendix B: CDMA2000 RADIUS Accounting Attributes
Appendix C: RADIUS Usage in 3GPP
Possible Network Configurations
RADIUS for Authentication
RADIUS for Accounting
RADIUS for Interaction with Application Servers
Acronyms
Bibliography
List of Figures
List of Tables
List of Sidebars