Radius Servers; Radius Server Attributes; Standard Attributes - Alcatel OmniSwitch 6624 Network Configuration Manual
Hide thumbs
Also See for OmniSwitch 6624:
- Troubleshooting manual (614 pages) ,
- Management manual (264 pages) ,
- Network configuration manual (654 pages)
Table of Contents
Advertisement
Managing Authentication Servers
RADIUS Servers
RADIUS is a standard authentication and accounting protocol defined in RFC 2865 and RFC 2866. A
built-in RADIUS client is available in the switch. A RADIUS server that supports Vendor Specific
Attributes (VSAs) is required. The Alcatel attributes may include VLAN information, time-of-day, or
slot/port restrictions.
RADIUS Server Attributes
RADIUS servers and RADIUS accounting servers are configured with particular attributes defined in RFC
2138 and RFC 2139, respectively. These attributes carry specific authentication, authorization, and config-
uration details about RADIUS requests to and replies from the server. This section describes the attributes
and how to configure them on the server.
Standard Attributes
The following tables list RADIUS server attributes 1–39 and 60–63, their descriptions, and whether the
Alcatel RADIUS client in the switch supports them. Attribute 26 is for vendor-specific information and is
discussed in
"Vendor-Specific Attributes for RADIUS" on page
RADIUS accounting servers and are listed in
Num. Standard Attribute
1 User-Name
2 User-Password
3 CHAP-Password
4 NAS-IP-Address
5 NAS-Port
6
Service-Type
7
Framed-Protocol
8
Framed-IP-Address
9
Framed-IP-Netmask
10
Framed-Routing
11
Filter-Id
12
Framed-MTU
13
Framed-Compression
14
Login-IP-Host
15
Login-Service
16
Login-TCP-Port
17 Unassigned
18 Reply-Message
OmniSwitch 6624/6648 Network Configuration Guide
17-11. Attributes 40–59 are used for
"RADIUS Accounting Server Attributes" on page
Notes
Used in access-request and account-request packets.
—
Not supported.
Sent with every access-request. Specifies which switches a
user may have access to. More than one of these attributes is
allowed per user.
Virtual port number sent with access-request and account-
request packets. Slot/port information is supplied in attribute
26 (vendor-specific).
Not supported. These attributes are used for dial-up sessions;
not applicable to the RADIUS client in the switch.
—
Multiple reply messages are supported, but the length of all
the reply messages returned in one access-accept or access-
reject packet cannot exceed 256 characters.
April 2004
RADIUS Servers
17-13.
page 17-9
Advertisement
Table of Contents
