How does RADIUS communicate with clients?

RADIUS, which stands for Remote Authentication Dial-In User Service, primarily communicates using User Datagram Protocol (UDP). The protocol utilizes specific ports for its operations, namely ports 1812 and 1813. These ports are designated for RADIUS authentication and accounting, respectively.

The choice of UDP is significant because it is a connectionless protocol, which can be beneficial for real-time functionalities such as authentication requests, where the overhead of establishing a connection (as would be required with TCP) could lead to delays. By using UDP, RADIUS can send authentication requests quickly, and it can handle dropped packets more efficiently as it does not require acknowledgment for each packet sent.

In contrast, the other choices describe methods or protocols that either do not pertain to RADIUS or operate in ways that are not used for its communication. TCP over Port 49 is not correct; Port 49 is reserved for TACACS+, a different authentication protocol. The mention of SSL and secure channels does not apply either, as RADIUS typically functions without this layer of encryption, relying on pre-shared keys for security instead. Lastly, using direct application protocols does not accurately depict RADIUS communication, as it is not an application layer protocol by itself, nor does it operate in