Table of Contents
Advertisement
Configuring the Login-Service attribute check method for
SSH, FTP, and terminal users
About Login-Service attribute check methods
The device supports the following check methods for the Login-Service attribute (RADIUS attribute
15) of SSH, FTP, and terminal users:
•
Strict—Matches Login-Service attribute values 50, 51, and 52 for SSH, FTP, and terminal
services, respectively.
•
Loose—Matches the standard Login-Service attribute value 0 for SSH, FTP, and terminal
services.
An Access-Accept packet received for a user must contain the matching attribute value. Otherwise,
the user cannot log in to the device.
Use the loose check method only when the server does not issue Login-Service attribute values 50,
51, and 52 for SSH, FTP, and terminal users.
Procedure
To configure the Login-Service attribute check method for SSH, FTP, and terminal users:
Step
1.
Enter system view.
2.
Enter RADIUS scheme view.
3.
Configure the Login-Service
attribute check method for
SSH, FTP, and terminal
users.
Configuring the MAC address format for RADIUS attribute 31
RADIUS servers of different types might have different requirements for the MAC address format in
RADIUS attribute 31. Configure the MAC address format for RADIUS attribute 31 to meet the
requirements of the RADIUS servers.
To configure the MAC address format for RADIUS attribute 31:
Step
1.
Enter system view.
2.
Enter RADIUS scheme view.
3.
Configure the MAC address
format for RADIUS attribute
31.
Command
system-view
radius scheme
radius-scheme-name
attribute 15 check-mode { loose |
strict }
Command
system-view
radius scheme
radius-scheme-name
attribute 31 mac-format section
{ six | three } separator
separator-character { lowercase |
uppercase }
35
Remarks
N/A
N/A
The default check method is
strict.
Remarks
N/A
N/A
By default, a MAC address is in
the format of
HH-HH-HH-HH-HH-HH. The
MAC address is separated by
hyphen (-) into six sections with
letters in upper case.
Advertisement
Table of Contents
Troubleshooting
