Below are the Enhancements and Bug Fixes made between 1.16 and 2.0 taken
from the RADIUS Administrator's Guide and the RADIUS 2.0 release Note.
RADIUS 2.0 Enhancements=20
http://www.livingston.com/Tech/Docs/RADIUS/guide/1overview.shtml
RADIUS version 2.0 provides the following enhancements:
Menus
When RADIUS menus are used, users are presented with a list of login
options after they are authenticated. The RADIUS
administrator may customize menus, including "chaining" one menu to other
menus. See "RADIUS Menus" for more details.
SecurID
SecurID authentication is based on Security Dynamics' token technology,
which authenticates users using a patented
time-synchronization method.
The RADIUS 2.0 server can forward some or all authentication requests to a
SecurID ACE/Server running on the same
host as the RADIUS server.
For more information, see "RADIUS Server Configuration" and "SecurID
Installation."
builddbm utility
RADIUS 2.0 includes a utility named builddbm, which increases the speed of
user look-up by converting the users file to
the UNIX DBM format. Livingston recommends the use of the builddbm utility
when the users file contains more than 500
users. See "RADIUS DBM Database" for more details.
Prefix/Suffix
Prefixes and Suffixes allow a user to access multiple accounts by
prepending or appending a string of characters defined by
the administrator to the username.
Session-Timeout
The Session-Timeout reply item specifies the time limit for a session.
Session-Timeout is specified as a particular number of
seconds, up to a maximum of 31536000 (1 year).
Idle-Timeout
The Idle-Timeout reply item controls the maximum time that a session may be
idle before it is disconnected. Idle-Timeout is
specified as a number of seconds between 120 (2 minutes) and 14400 (4=
hours).
Port-Limit
The Port-Limit reply item controls the maximum number of ports available
for a Multilink PPP or Multilink V.120
connection. Port-Limit only applies to ISDN connections; other connection
types are not affected by this setting.
NAS-Port-Type
The NAS-Port-Type check item restricts the type of port. The user may use
one of the following port types: asynchronous,
synchronous, ISDN, ISDN-V120, or ISDN-V110.
http://www.livingston.com/Tech/Docs/Release/radius20.shtml
In addition to the features described in the RADIUS
Administrator's Guide, RADIUS server
2.0 includes the following enhancements:
UNIX systems that use * and *NP* in their
/etc/passwd files as a reference to the
/etc/shadow file are now supported.=20
A series of attributes have been renamed for
clarity purposes. Old attribute names are
accepted in RADIUS server 2.0 for backward
compatibility, however, they may not be
accepted in future RADIUS server releases.=20
Old Attribute New Attribute
----------------------------------------
Client-Id NAS-IP-Address
Client-Port-Id NAS-Port-Id
User-Service-Type Service-Type
Framed-Address Framed-IP-Address
Framed-Netmask Framed-IP-Netmask
Framed-Filter-Id Filter-Id
Login-Host Login-IP-Host
Login-Port Login-TCP-Port
Port-Message Reply-Message
Dialback-No Callback-Number
Dialback-Name Callback-Id
Challenge-State State
Password =3D "UNIX" Auth-Type =3D System
Three dictionary values have been renamed for
clarity purposes. Old value names are
accepted in RADIUS 2.0 for backward compatibility,
however, they may not be
accepted in future RADIUS releases.=20
Attribute Old Value New
Value
--------------------------------------------------------------------
Service-Type Dialback-Login-User
Callback-Login-User
Service-Type Dialback-Framed-User
Callback-Framed-User
Framed-Compression Van-Jacobsen-TCP-IP
Van-Jacobson-TCP-IP
RADIUS 2.0 Bug Fixes
http://www.livingston.com/Tech/Docs/Release/radius20.shtml
The following RADIUS-related bugs have been fixed:
If a menu user entered a username and incorrect
password in ComOS 3.3.1 and earlier,
an incorrect menu was displayed. This problem has
been corrected in ComOS 3.3.2; an
Invalid Login message is displayed when this occurs.=
=20
The RADIUS server now caches IP addresses for
greater efficiency.=20
In ComOS 3.3.1 or earlier, Filter-Ids longer than
12 characters caused the PortMaster to
reboot. This problem has been corrected in ComOS
3.3.2.=20
In RADIUS 1.16, if a user record contained an
incorrectly formatted Expiration date (for
example, the Expiration check item was "Oct 1
1996", rather than "Oct 01 1996"), the
user would be authenticated even after this
expiration date. With RADIUS server 2.0,
attempts on or after the expiration date display an
Account has expired message.
Incorrectly formatted expiration dates are now
logged.=20
Password expiration specified with the Expiration
check item in a user record now occurs
at exactly midnight on the specified date. In
RADIUS 1.16, password expiration could
occur at any time on the specified date.=20
Previously, when the PortMaster received an
access-challenge message from the
RADIUS server, the PortMaster would permit the PPP
client to connect. This has been
corrected in ComOS 3.3.3; the PortMaster now sends
a PAP NAK to the PPP client to
prompt the user for additional input.=20
RADIUS source code is now ANSI C compliant.=20
--- jstorms@livingston.com Diplomacy: The art of saying good doggie while seaching for a big rock.
-- *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Vous cherchez un bien immobilier ?=20 consultez http://www.ImmoSearch.inba.fr/ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Philippe SCH=C4CK =20 IN'NET BORDEAUX-AQUITAINE T=E9l. : + 33 57.24.18.11 Chauveau - CD 239 Fax : + 33 57.24.18.28 33420 ESPIET E-mail : phschack@inba.fr *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*