Supported Radius Attributes - IBM RackSwitch G8000 Application Manual

Supported RADIUS Attributes

76
RackSwitch G8000: Application Guide
The 802.1X Authenticator relies on external RADIUS servers for authentication with
EAP. Table 7 lists the RADIUS attributes that are supported as part of RADIUS-EAP
authentication based on the guidelines specified in Annex D of the 802.1X standard
and RFC 3580.
Table 7. Support for RADIUS Attributes
# Attribute
1 User-Name
4 NAS-IP-Address
5 NAS-Port
24 State
30 Called-Station-ID
31 Calling-Station-ID
64 Tunnel-Type
65 Tunnel-Medium-
Type
Attribute Value
The value of the Type-Data field
from the supplicant's
EAP-Response/ Identity message. If
the Identity is unknown (for
example, Type-Data field is zero
bytes in length), this attribute will
have the same value as the
Calling-Station-Id.
IPv4 address of the authenticator
used for Radius communication.
Port number of the authenticator
port to which the supplicant is
attached.
Server-specific value. This is sent
unmodified back to the server in an
Access-Request that is in response
to an Access-Challenge.
The MAC address of the
authenticator encoded as an ASCII
string in canonical format, such as
000D5622E3 9F.
The MAC address of the supplicant
encoded as an ASCII string in
canonical format, such as
00034B436206.
Only VLAN (type 13) is currently
supported (for 802.1X RADIUS
VLAN assignment). The attribute
must be untagged (the Tag field
must be 0).
Only 802 (type 6) is currently
supported (for 802.1X RADIUS
VLAN assignment). The attribute
must be untagged (the Tag field
must be 0).
A-R A-A A-C A-R
1 0-1 0 0
1 0 0 0
1 0 0 0
0-1 0-1 0-1 0
1 0 0 0
1 0 0 0
0 0-1 0 0
0 0-1 0 0