The present application generally relates to systems and methods for facilitating communication between an authentication client and an authentication server.
Network providers or carriers can require their subscribers or users (authentication clients) to authenticate with an authentication server before permitting access to a network. Remote Authentication Dial In User Service (RADIUS) is one type of protocol that can be used for the authentication of subscribers or users. When using RADIUS for authentication, the RADIUS client (authentication client) must exchange a series of messages with a RADIUS server (authentication server) during a single session. In order for the RADIUS client to exchange messages with the RADIUS server, each RADIUS client must have an Internet Protocol (IP) address. However, there are a limited number of available IP addresses, and many networks have a large number (e.g., thousands) of RADIUS clients that communicate with a RADIUS server.
To address the problem of needing a large number of IP addresses, some network providers or carriers have used a RADIUS proxy between the RADIUS clients and the RADIUS servers. When using a RADIUS proxy, the network provider or carrier uses a private network to connect the RADIUS clients (each having a private IP address) to the RADIUS proxy, and then the RADIUS proxy (having a single public IP address) is connected to the RADIUS server over a public network.
The RADIUS proxy receives the authentication requests and messages from the RADIUS clients addressed to the RADIUS proxy, disassembles the requests and messages, rebuilds the requests or messages and addresses the requests and messages for the RADIUS server. Similarly, the RADIUS proxy receives the authentication messages from the RADIUS server addressed to the RADIUS proxy, disassembles the messages and rebuilds and addresses the messages for the RADIUS clients. Unfortunately, the processing performed by the RADIUS proxy adds significant delay to the messages communicated between the RADIUS server and clients. In addition, the circuitry required to implement the RADIUS proxy can be complex, thereby undesirably increasing the costs to the network service provider.