RADIUS RFCs and Attribute definitions
The list of all standard RADIUS attributes
The RFCs have a number of issues and ambiguities. Some are resolved in the Issues and Fixes document. Instructions for creating new RADIUS standards are found in the Design Guidelines document.
Unfortunately, the preceding documents do not address all known issues with RADIUS. The RFCs are still ambiguous in places. There are many things which are neither forbidden nor explicitly allowed. We caution implementors to not assume that something is allowed, just because it is not strictly forbidden. RADIUS has a 20 year history of deployments. Any "new" behavior you design is likely to be incompatible with existing practices. We recommend following the specifications closely.
The open issues page documents the problems we are aware of, and our suggested fixes.
RFCs
| RFC 2548 (attributes) | Microsoft Vendor-specific RADIUS Attributes |
| RFC 2809 | Implementation of L2TP Compulsory Tunneling via RADIUS |
| RFC 2865 (attributes) | Remote Authentication Dial In User Service (RADIUS) |
| RFC 2866 (attributes) | RADIUS Accounting |
| RFC 2867 (attributes) | RADIUS Accounting Modifications for Tunnel Protocol Support |
| RFC 2868 (attributes) | RADIUS Attributes for Tunnel Protocol Support |
| RFC 2869 (attributes) | RADIUS Extensions |
| RFC 2882 | Network Access Servers Requirements: Extended RADIUS Practices |
| RFC 3162 (attributes) | RADIUS and IPv6 |
| RFC 3576 (attributes) | Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS) |
| RFC 3579 (attributes) | RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP) |
| RFC 3580 (attributes) | IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines |
| RFC 4675 | RADIUS Attributes for Virtual LAN and Priority Support |
| RFC 4679 | DSL Forum Vendor-Specific RADIUS Attributes |
| RFC 4590 (attributes) | RADIUS Extension for Digest Authentication |
| RFC 4818 (attributes) | RADIUS Delegated-IPv6-Prefix Attribute |
| RFC 4849 (attributes) | RADIUS Filter Rule Attribute |
| RFC 5080 | Common Remote Authentication Dial In User Service (RADIUS) Implementation Issues and Suggested Fixes |
| RFC 5997 | Use of Status-Server Packets in the Remote Authentication Dial In User Service (RADIUS) Protocol |
Other files (old RFCs, etc)
| leap.txt | Cisco LEAP protocol description |
| rfc1157.txt | A Simple Network Management Protocol (SNMP) |
| rfc1227.txt | SNMP MUX Protocol and MIB |
| rfc1448.txt | Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2) |
| rfc1901.txt | Introduction to Community-based SNMPv2 |
| rfc1905.txt | Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2) |
| rfc2058.txt | Remote Authentication Dial In User Service (RADIUS) |
| rfc2059.txt | RADIUS Accounting |
| rfc2138.txt (gz) | Remote Authentication Dial In User Service (RADIUS) |
| rfc2139.txt (gz) | RADIUS Accounting |
| rfc2243.txt (gz) | OTP Extended Responses |
| rfc2289.txt (gz) | A One-Time Password System |
| rfc2433.txt | Microsoft PPP CHAP Extensions |
| rfc2607.txt | Proxy Chaining and Policy Implementation in Roaming |
| rfc2618.txt (gz) | RADIUS Authentication Client MIB |
| rfc2619.txt (gz) | RADIUS Authentication Server MIB |
| rfc2620.txt (gz) | RADIUS Accounting Client MIB |
| rfc2621.txt (gz) | RADIUS Accounting Server MIB |
| rfc2716.txt | PPP EAP TLS Authentication Protocol |
| rfc2759.txt | Microsoft PPP CHAP Extensions, Version 2 |
| rfc2924.txt | Accounting Attributes and Record Formats |
| rfc3575.txt | IANA Considerations for RADIUS (Remote Authentication Dial In User Service) |
| rfc3748.txt | Extensible Authentication Protocol (EAP) |