RADIUS RFCs and Attribute definitions

The list of all standard RADIUS attributes

The RFCs have a number of issues and ambiguities. Some are resolved in the Issues and Fixes document. Instructions for creating new RADIUS standards are found in the Design Guidelines document.

Unfortunately, the preceding documents do not address all known issues with RADIUS. The RFCs are still ambiguous in places. There are many things which are neither forbidden nor explicitly allowed. We caution implementors to not assume that something is allowed, just because it is not strictly forbidden. RADIUS has a 20 year history of deployments. Any "new" behavior you design is likely to be incompatible with existing practices. We recommend following the specifications closely.

The open issues page documents the problems we are aware of, and our suggested fixes.

RFCs

RFC 2548 (attributes) Microsoft Vendor-specific RADIUS Attributes
RFC 2809 Implementation of L2TP Compulsory Tunneling via RADIUS
RFC 2865 (attributes) Remote Authentication Dial In User Service (RADIUS)
RFC 2866 (attributes) RADIUS Accounting
RFC 2867 (attributes) RADIUS Accounting Modifications for Tunnel Protocol Support
RFC 2868 (attributes) RADIUS Attributes for Tunnel Protocol Support
RFC 2869 (attributes) RADIUS Extensions
RFC 2882 Network Access Servers Requirements: Extended RADIUS Practices
RFC 3162 (attributes) RADIUS and IPv6
RFC 3576 (attributes) Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)
RFC 3579 (attributes) RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP)
RFC 3580 (attributes) IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines
RFC 4675 RADIUS Attributes for Virtual LAN and Priority Support
RFC 4679 DSL Forum Vendor-Specific RADIUS Attributes
RFC 4590 (attributes) RADIUS Extension for Digest Authentication
RFC 4818 (attributes) RADIUS Delegated-IPv6-Prefix Attribute
RFC 4849 (attributes) RADIUS Filter Rule Attribute
RFC 5080 Common Remote Authentication Dial In User Service (RADIUS) Implementation Issues and Suggested Fixes
RFC 5997 Use of Status-Server Packets in the Remote Authentication Dial In User Service (RADIUS) Protocol

Other files (old RFCs, etc)

leap.txt Cisco LEAP protocol description
rfc1157.txt A Simple Network Management Protocol (SNMP)
rfc1227.txt SNMP MUX Protocol and MIB
rfc1448.txt Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2)
rfc1901.txt Introduction to Community-based SNMPv2
rfc1905.txt Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)
rfc2058.txt Remote Authentication Dial In User Service (RADIUS)
rfc2059.txt RADIUS Accounting
rfc2138.txt (gz) Remote Authentication Dial In User Service (RADIUS)
rfc2139.txt (gz) RADIUS Accounting
rfc2243.txt (gz) OTP Extended Responses
rfc2289.txt (gz) A One-Time Password System
rfc2433.txt Microsoft PPP CHAP Extensions
rfc2607.txt Proxy Chaining and Policy Implementation in Roaming
rfc2618.txt (gz) RADIUS Authentication Client MIB
rfc2619.txt (gz) RADIUS Authentication Server MIB
rfc2620.txt (gz) RADIUS Accounting Client MIB
rfc2621.txt (gz) RADIUS Accounting Server MIB
rfc2716.txt PPP EAP TLS Authentication Protocol
rfc2759.txt Microsoft PPP CHAP Extensions, Version 2
rfc2924.txt Accounting Attributes and Record Formats
rfc3575.txt IANA Considerations for RADIUS (Remote Authentication Dial In User Service)
rfc3748.txt Extensible Authentication Protocol (EAP)