1756
C
HAPTER
93: AAA/RADIUS/HWTACACS C
ONFIGURATION
4
The Authenticator field (16-byte long) is used to authenticate the reply from the
RADIUS server, and is also used in the password hiding algorithm. There are two
kinds of authenticators: Request and Response.
5
The Attribute field carries information about the configuration details of a request
or response. This field is represented in triplets of Type, Length, and Value.
■
Type: One byte, in the range 1 to 255. It is for indicating the type of the
attribute. Commonly used attributes for RADIUS authentication and
authorization are listed in
Table 54
.
■
Length: One byte for indicating the length of the attribute in bytes, including
the Type, Length, and Value fields.
■
Value: Value of the attribute, up to 253 bytes. Its format and content depend
on the Type and Length fields.
The RADIUS protocol features excellent extensibility. Attribute 26 (Vender-Specific)
allows a vender to define extended attributes to implement functions that the
standard RADIUS protocol does not provide.
Figure 514
illustrates a segment of a
RADIUS packet containing an extended attribute. The four-byte field Vendor-ID
indicates the ID of the vendor. Its highest byte is 0 and the other three bytes
contain a code complying with RFC 1700. A vendor can encapsulate multiple
type-length-value (TLV) sub-attributes in RADIUS packets for extension in
applications.
Table 54
RADIUS attributes
Type Attribute
type
Type Attribute
type
1 User-Name
23 Framed-IPX-Network
2 User-Password
24 State
3 CHAP-Password
25 Class
4 NAS-IP-Address
26 Vendor-Specific
5 NAS-Port
27 Session-Timeout
6 Service-Type
28 Idle-Timeout
7 Framed-Protocol
29 Termination-Action
8 Framed-IP-Address
30 Called-Station-Id
9 Framed-IP-Netmask
31 Calling-Station-Id
10 Framed-Routing
32 NAS-Identifier
11 Filter-ID
33 Proxy-State
12 Framed-MTU
34 Login-LAT-Service
13 Framed-Compression
35 Login-LAT-Node
14 Login-IP-Host
36 Login-LAT-Group
15 Login-Service
37 Framed-AppleTalk-Link
16 Login-TCP-Port
38 Framed-AppleTalk-Network
17 (unassigned)
39 Framed-AppleTalk-Zone
18 Reply_Message
40-59
(reserved
for
accounting)
19 Callback-Number
60 CHAP-Challenge
20 Callback-ID
61 NAS-Port-Type
21 (unassigned)
62 Port-Limit
22 Framed-Route
63 Login-LAT-Port
Summary of Contents for MSR 50 Series
Page 152: ...152 CHAPTER 5 ATM CONFIGURATION...
Page 210: ...210 CHAPTER 6 DCC CONFIGURATION...
Page 234: ...234 CHAPTER 7 DLSW CONFIGURATION...
Page 344: ...344 CHAPTER 14 X 25 AND LAPB CONFIGURATION...
Page 350: ...350 CHAPTER 15 LINK AGGREGATION OVERVIEW...
Page 358: ...358 CHAPTER 17 MODEM CONFIGURATION...
Page 486: ...486 CHAPTER 23 MSTP CONFIGURATION...
Page 506: ...506 CHAPTER 25 VOICE VLAN CONFIGURATION...
Page 510: ...510 CHAPTER 26 PORT ISOLATION CONFIGURATION...
Page 524: ...524 CHAPTER 27 DYNAMIC ROUTE BACKUP CONFIGURATION...
Page 538: ...538 CHAPTER 28 LOGICAL INTERFACE CONFIGURATION...
Page 548: ...548 CHAPTER 29 CPOS INTERFACE CONFIGURATION...
Page 572: ...572 CHAPTER 32 DHCP OVERVIEW...
Page 604: ...604 CHAPTER 36 DHCP SNOOPING CONFIGURATION...
Page 608: ...608 CHAPTER 37 BOOTP CLIENT CONFIGURATION...
Page 646: ...646 CHAPTER 42 IP UNICAST POLICY ROUTING CONFIGURATION...
Page 650: ...650 CHAPTER 43 UDP HELPER CONFIGURATION...
Page 738: ...738 CHAPTER 50 IPV6 UNICAST POLICY ROUTING CONFIGURATION...
Page 770: ...770 CHAPTER 51 TERMINAL ACCESS CONFIGURATION...
Page 798: ...798 CHAPTER 52 FEP INSTALLATION AND CONFIGURATION...
Page 808: ...808 CHAPTER 53 TERMINAL ACCESS TROUBLESHOOTING...
Page 814: ...814 CHAPTER 54 TERMINAL ACCESS FAQ...
Page 824: ...824 CHAPTER 55 IP ROUTING OVERVIEW...
Page 876: ...876 CHAPTER 56 BGP CONFIGURATION...
Page 916: ...916 CHAPTER 57 IS IS CONFIGURATION...
Page 970: ...970 CHAPTER 58 OSPF CONFIGURATION...
Page 1006: ...1006 CHAPTER 60 ROUTING POLICY CONFIGURATION...
Page 1013: ...Configuration Example 1013 3 1 ms 1 ms 1 ms 1 1 2 2 Trace complete...
Page 1014: ...1014 CHAPTER 61 STATIC ROUTING CONFIGURATION...
Page 1048: ...1048 CHAPTER 63 IPV6 IS IS CONFIGURATION...
Page 1068: ...1068 CHAPTER 64 IPV6 OSPFV3 CONFIGURATION...
Page 1080: ...1080 CHAPTER 65 IPV6 RIPNG CONFIGURATION...
Page 1114: ...1114 CHAPTER 68 MULTICAST ROUTING AND FORWARDING CONFIGURATION...
Page 1160: ...1160 CHAPTER 70 MSDP CONFIGURATION...
Page 1234: ...1234 CHAPTER 73 MLD CONFIGURATION...
Page 1278: ...1278 CHAPTER 74 IPV6 PIM CONFIGURATION...
Page 1310: ...1310 CHAPTER 75 MULTICAST VPN CONFIGURATION...
Page 1344: ...1344 CHAPTER 76 MPLS BASICS CONFIGURATION...
Page 1458: ...1458 CHAPTER 78 MPLS L2VPN CONFIGURATION...
Page 1556: ...1556 CHAPTER 79 MPLS L3VPN CONFIGURATION...
Page 1588: ...1588 CHAPTER 80 DVPN CONFIGURATION...
Page 1648: ...1648 CHAPTER 85 QOS POLICY CONFIGURATION...
Page 1696: ...1696 CHAPTER 89 MPLS QOS CONFIGURATION...
Page 1708: ...1708 CHAPTER 90 DAR CONFIGURATION...
Page 1728: ...1728 CHAPTER 91 FRAME RELAY QOS CONFIGURATION...
Page 1750: ...1750 CHAPTER 92 802 1X CONFIGURATION...
Page 1788: ...1788 CHAPTER 93 AAA RADIUS HWTACACS CONFIGURATION...
Page 1810: ...1810 CHAPTER 95 MAC AUTHENTICATION CONFIGURATION...
Page 1850: ...1850 CHAPTER 97 PKI CONFIGURATION...
Page 1872: ...1872 CHAPTER 98 PORTAL CONFIGURATION...
Page 1970: ...1970 CHAPTER 106 BACKUP CENTER CONFIGURATION...
Page 2048: ...2048 CHAPTER 110 NETSTREAM CONFIGURATION...
Page 2084: ...2084 CHAPTER 112 RMON CONFIGURATION...
Page 2094: ...2094 CHAPTER 113 SNMP CONFIGURATION...
Page 2114: ...2114 CHAPTER 115 FTP CONFIGURATION...
Page 2124: ...2124 CHAPTER 117 SYSTEM MAINTAINING AND DEBUGGING...
Page 2154: ...2154 CHAPTER 119 INFORMATION CENTER CONFIGURATION...
Page 2170: ...2170 CHAPTER 121 MAC ADDRESS TABLE MANAGEMENT CONFIGURATION...
Page 2186: ...2186 CHAPTER 123 POE CONFIGURATION...
Page 2198: ...2198 CHAPTER 125 ACFP CONFIGURATION...
Page 2206: ...2206 CHAPTER 126 ACSEI CONFIGURATION...
Page 2216: ...2216 CHAPTER 127 TRACK CONFIGURATION...
Page 2232: ...2232 CHAPTER 128 IPX CONFIGURATION...
Page 2242: ...2242 CHAPTER 129 VOICE OVERVIEW...
Page 2244: ...2244 CHAPTER 130 VOIP OVERVIEW...
Page 2288: ...2288 CHAPTER 132 VOICE ENTITY CONFIGURATION...
Page 2342: ...2342 CHAPTER 134 E1 AND T1 CONFIGURATION...
Page 2354: ...2354 CHAPTER 135 FAX OVER IP CONFIGURATION...
Page 2366: ...2366 CHAPTER 136 H 323 CONFIGURATION...
Page 2384: ...2384 CHAPTER 137 SIP OVERVIEW...