Appendix C: RADIUS Usage in 3GPP

Appendix C: RADIUS Usage in 3GPP


In this appendix we provide some details on how RADIUS is typically used in 3GPP systems. 3GPP defines RADIUS usage for two purposes: classic network access AAA functionality and interaction with application servers (for instance, WAP gateways). The first role is well defined and directly derived from the common way RADIUS is used in remote access servers. The second role was instead traditionally left to proprietary solutions each vendor decided as most suitable for its needs.

Recognizing this was a limitation for multivendor solutions and procurement, the industry has initiated a strong push in 3GPP toward the standardization of the usage of RADIUS (and in particular RADIUS accounting) in interacting with application servers The set of proprietary RADIUS attributes that classically had been used to exchange information with application servers has been replaced by an agreed-upon set of 3GPP vendor-specific attributes (VSAs). Also, the formatting and usage of RADIUS messages and the criteria of inclusion of attributes has been agreed upon, as well as the conditions under which user traffic can be forwarded in relation to the outcome of RADIUS authentication and accounting procedures. All this has been defined as an extension of the already existing [3GPP TS29.061] specification and as a change to [GSM TS09.61].

While it is clear why in a MVPN environment RADIUS AAA usage for network access is required, it may not be so clear why we should address in this book how RADIUS is used for interacting with applications servers. For one, in real deployments it may happen that the two different usages are not separated; rather, the GGSN interacts with a single RADIUS server that is configured and programmed to interact, as a proxy, with application servers and AAA servers separately, perhaps after some RADIUS attributes preprocessing.

On the other hand, in some instances MVPN enables its members to use a set of applications. These applications may benefit from some information delivered by the GGSN to the associated applications servers via a RADIUS interface. As such, it is extremely useful to understand the fundamentals on how to use the 3GPP RADIUS interface to application servers and how to enable the GGSN to perform this essential functionality.