Table 17. RADIUS attributes used in authentication
WLAN Type
Attributes
Sent from RADIUS server in Access Accept messages:
802.1X / MAC
Auth
•
(1) User name
•
(25) Class
•
(27) Session-timeout & (29) Termination-action: Session-timeout event
becomes a disconnect event or re-authentication event if termination-
action indicates "(1) radius-request"
•
(85) Acct-interim-interval
For Dynamic VLAN application:
•
•
•
Administrator Authentication:
•
Ruckus private attribute:
•
•
•
•
Cisco private attribute:
•
•
•
(64) Tunnel-Type: value only relevant if it is (13) VLAN
(65) Tunnel-Medium-Type: value only relevant if it is (6) 802 (as in all 802
media plus ethernet)
(81) Tunnel-Private-Group-ID: this is the VLAN ID assignment (per RFC,
this is bettween 1 and 4094)
Vendor ID: 25053
Vendor Type / Attribute Number: 1 (Ruckus-User-Groups)
Value Format: group_attr1, group_attr2, group_attr3, ...
Vendor ID: 9
Vendor Type/ Attribute Number: 1 (Cisco-AVPair)
Value Format: shell:roles="group_attr1 group_attr2 group_attr3 ..."
Configuring Security and Other Services
Using an External AAA Server
101