features

TOUGHRADIUS Function List

中文

RADIUS authentication authorization function

• Authentication messages: support for BAS to initiate Authentication messages, using RADIUS protocol to AAA system authentication authentication and authorization
• Authentication PAP authentication mode: Support BAS to launch Authentication message with PAP authentication mode.
• Authentication CHAP authentication: Supports the use of CHAP authentication when BAS initiates Authentication messages.
• Authentication MS CHAP V2 authentication: support for BAS to initiate Authentication message using MS CHAP V2 authentication method
• Authentication Authorization: After receiving the BAS Authentication request message, RADIUS Server encapsulates the user authorization information according to the user information resources and authorizes the user bandwidth limit, maximum duration, IP and other information to BAS via Authentication response message.
• Accounting-On message: Supports BAS to initiate an Accounting-On message to notify RADIUS that the BAS started successfully and started billing.
• Accounting-Off messages: BAS can initiate Accounting-Off messages to notify RADIUS that the BAS is finished billing, the online user is offline, and the BAS is in maintenance or switchover mode.
• Accounting-Start message: supports standard RADIUS billing message analysis, BAS initiates the Accounting-Start message to notify the user that billing has started.
• Accounting-Interium-Update message: Supports standard RADIUS billing message analysis, BAS launches the Accounting-Start message to notify the user of the billing update.
• Accounting-Stop message: supports standard RADIUS billing message analysis, and BAS initiates the Accounting-Start message to notify the user of the end of the billing process.
• Maximum session duration attribute issuance: Support issuance of maximum session duration to BAS authentication messages to require the user to be offline within a specified period of time in order to record Internet access records.
• User fixed IP address issuance: Support issuing IP address information to BAS authentication message, users dial up and use the fixed IP address to access the Internet, applicable to leased-line users.
• User Address Pooling: Support sending address pooling information to BAS authentication message.
• COA dynamic authorization: Support to execute COA dynamic authorization to BRAS system to change user's billing strategy after user authentication (BRAS support is required).

Authentication Authorization Billing Assistance

• MAC address binding: support for the initial binding of the user MAC address, the bound user if the MAC address does not match the authentication fails
• VLAN/QINQ binding: Supports one label or two labels on the user's initial binding, the bound user if the VLAN/QINQ information does not match then the authentication fails.
• Concurrency control: support for the same account online number of concurrency control, if more than the number of concurrent account authentication fails to newly authenticated users.
• Set the maximum session duration: through the system configuration function, set the maximum session duration to ensure that the user can be disconnected and reconnected within the maximum session duration and generate Internet records.
• Monitor the number of authentication and billing messages: Support statistics and reset of authentication and billing packets within the start time.
• Release User Bindings: Release the MAC or VLAN/QINQ bound users, clear the original user binding information, including MAC address information and one or two layers of label information.
• Concurrency control unlocks: For abnormal situations (no offline message from BAS), user concurrency control forces the user to go offline on RADIUS and releases the concurrency number.
• Authentication and billing log output: RADIUS Server outputs the authentication and billing logs to a file, including authentication success, authentication failure, online billing package, offline billing package and other information.
• Web log output: RADIUS Server generates web logs at the end of the accounting process, based on the user's accounting information.
• Password-free authentication: RADIUS Server supports password-free authentication in case of emergency.

Portal Subsystem

• AC Forced Portal: After the user initiates the Internet access request through WEB browser, AC can force the request to Portal server, and Portal server receives the forced Portal request and can send the specified WEB Portal page to the user according to different access server address/VLANID/DHCP options.
• Login name and password verification: The system provides login name and password verification for broadband Internet access users. The system provides two ways to keep the page after authentication and not to keep the page after authentication, both of which can accurately count the user's online and offline time, and reverse the length of time based on this time.
• Portal page adaptation: The Portal supports user terminal UA information adaptation function, and supports pushing customized Portal page and authentication function for mobile phone/PC terminal. The Portal will push a customized Portal page based on the mobile phone's screen width, based on the UA (User Agent) information carried by the mobile phone. The Portal page can be displayed in multiple terminals and different types of browsers (Internet Explorer, 360 security browser, Tencent QQ browser, Baidu browser, Google Chrome, Sogou browser, Firefox browser, Ocean Explorer, Safari, etc.).
• Portal customization: The system Portal page can be customized to push editable Portal pages to different users and different areas according to business needs. Different areas, such as access server address/VLANID/DHCP options, can be used to push different Portal.
• Active disconnection: The Portal system will send a disconnection request message to the BRAS side to notify the authentication system if the user closes the Portal page or clicks the disconnection button.
• Forced disconnection: Forced disconnection for unauthorized users.

System Management Module

• Control panel: display dashboard on system home page, display system login information, system CPU, memory, disk status, RADIUS performance statistics chart, online trend chart, authentication result statistics chart, authentication time statistics chart.
• System configuration management: system global configuration, you can configure each module related to the relevant dependency options.
• System log management: System logs record the key information generated in the process of running the system, such as error messages and task reports, which helps system administrators to track system faults and locate user faults.
• BRAS/AC access device management: Configure the device that docks the system for RADIUS authentication and accounting, which supports multi-device management and access to devices from different manufacturers.
• User management functions, support the creation of users, batch creation of users, modify user information, delete user information, release MAC, VLAN binding, user details display, user dial test diagnosis, support for account exact match and fuzzy matching query.
• Online query function, support real-time query the current online user list, show user's IP, port, and traffic information, support for forced offline.
• Online log query, support user online history log information query, query days can be set.