Table of Contents
Advertisement
Using the 8950 AAA Policy Assistant in Server
Management Tool
............................................................................................................................................................................................................................................................
Table 9-2 List of Attributes allowed in an Access–Accept available as Reply
Attribute Name
Reply-Message
Vendor-Specific
Session-Timeout
Idle-Timeout
Port-Limit
If a reply attribute differs from the nature of the user's session, the NAS must resolve the
problem. For example, if the user connects using PPP and 8950 AAA returns a Framed-
Protocol attribute set to "SLIP" the NAS should drop the session.
With the 8950 AAA PolicyAssistant it is possible to define attribute sets that apply to all
users of a policy. This means that individual user profiles need only contain a user name
and password. All other attributes for authorization checks and provisioning rules can be
contained in an attribute set for the policy. This makes system management much easier
for the administrator.
Changing authorization checks and session provisioning can be accomplished by editing
the attribute set. This eliminates the need to edit numerous user profiles each time policy
changes.
............................................................................................................................................................................................................................................................
9 - 18
Attributes
Description
Sends a message back to the NAS
to be displayed to the user. In
Windows networking this message
may be logged but is not directly
displayed to the user.
Used for encoding proprietary
vendor specific attribute (VSA)
extensions to the RADIUS
protocol. See your NAS vendor's
documentation for a list of VSAs
they support.
The maximum allowed session
length (in seconds)
The maximum idle time allowed
for the session.
The total number of sessions that
can be linked together for creating
greater bandwidth (Typically used
with ISDN sessions.)
Understanding and Creating Attribute Sets
Required
No
No
No
No
No
Issue 1, December 2008
Max
No limit
No limit
1
1
1
365-360-001R6.0
- Quick Links:
- What Is 8950 Aaa
- Introduction to 8950 Aaa
Hide quick links:
Advertisement
Table of Contents
