This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Network access server" – news · newspapers · books · scholar · JSTOR (October 2022) (Learn how and when to remove this message)

A network access server (NAS) is a group of components that provides remote users with a point of access to a network.^[1][2]

A NAS concentrates dial-in and dial-out user communications. An access server may have a mixture of analog and digital interfaces and support hundreds of simultaneous users. A NAS consists of a communications processor that connects asynchronous devices to a LAN or WAN through network and terminal emulation software. It performs both synchronous and asynchronous routing of supported protocols.

The NAS is meant to act as a gateway to guard access to a protected resource. This can be anything from a telephone network, to printers, to the Internet. A client connects to the NAS. The NAS then connects to another resource asking whether the client's supplied credentials are valid. Based on that answer the NAS then allows or disallows access to the protected resource.

The above translates into different implementations for different uses. Here are some examples.

• An Internet service provider which provides network access via common modem or modem-like devices (be it PSTN, DSL, cable or GPRS/UMTS) can have one or more NAS (network access server) devices which accept PPP, PPPoE or PPTP connections, checking credentials and recording accounting data via back-end RADIUS servers, and allowing users access through that connection.
• The captive portal mechanism used by many WiFi providers: a user wants to access the Internet and opens a browser. The NAS detects that the user is not currently authorized to have access to the Internet, so the NAS prompts the user for their username and password. The user supplies them and sends them back to the NAS. The NAS then uses the RADIUS protocol to connect to an AAA server and passes off the username and password. The RADIUS server searches through its resources and finds that the credentials are valid and notifies the NAS that it should grant the access. The NAS then grants the user access to the Internet.
• Another use of a NAS would be in voice over IP (VoIP). However, instead of using a username and password, many times a phone number or IP Address are used. If the phone number is a valid customer then the call can be completed. Other uses might be to verify whether a phone number has long distance access or a telephone card has minutes left.

Although not required, NASs are almost exclusively used with authentication, authorization, and accounting (AAA) servers. Of the AAA protocols available, RADIUS tends to be the most widely used. The Diameter base protocol extends RADIUS services by providing error handling and inter-domain communications. This protocol is used in networks like the IP Multimedia Subsystem (IMS).

• Terminal server

• RFC 2881 – "Network Access Server Requirements Next Generation (NASREQNG) NAS Model,"^[3] Informational.