--A RADIUS Internet Engineering Task Force (IETF) attribute is one of the original set of 255 standard attributes that are
used to communicate authentication, authorization, and accounting (AAA) information between a client and a server. Because
IETF attributes are standard, the attribute data is predefined and well known; thus all clients and servers that exchange
AAA information through IETF attributes must agree on attribute data such as the exact meaning of the attributes and the general
bounds of the values for each attribute.
--Challenge Handshake Authentication Protocol. Security feature that is supported on lines using PPP encapsulation and prevents
unauthorized access. CHAP does not itself prevent unauthorized access; it merely identifies the remote end. The router or
access server then determines whether that user is allowed access.
--Extensible Authentication Protocol. A PPP authentication protocol that supports multiple authentication mechanisms that
are negotiated during the authentication phase (instead of the Link Control Protocol [LCP] phase). EAP allows a third-party
authentication server to interact with the PPP implementation through a generic interface.
--link control protocol. Protocol that establishes, configures, and tests data-link connections for use by PPP.
--Message Digest 5. A hash algorithm used to authenticate packet data. HMAC is a key hashing for message authentication.
--network access server. A device providing local network access to users across a remote access network such as the public
switched telephone network (PSTN).
--Password Authentication Protocol. Authentication protocol that allows PPP peers to authenticate one another. The remote
router attempting to connect to the local router is required to send an authentication request. Unlike CHAP, PAP passes the
password and host name or username in the clear (unencrypted). PAP does not itself prevent unauthorized access; it merely
identifies the remote end. The router or access server then determines if that user is allowed access. PAP is supported only
on PPP lines.
--Point-to-Point Protocol. A protocol that encapsulates network layer protocol information over point-to-point links. PPP
is defined in RFC 1661.
--Remote Authentication Dial-In User Service. Database for authenticating modem and ISDN connections and for tracking connection
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone
numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown
for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and
© 2001-2009 Cisco Systems, Inc. All rights reserved.