CHAPTER 4: Configuration
47
4.3.5.C RADIUS Client Support
The Remote Access Concentrator’s RADIUS Client supports these features:
•
Device-level authentication
for inbound PPP-IP and PPP-bridge devices.
•
CHAP
or
PAP authentication
(one or the other is required).
•
Remote-device IP addresses:
Assigned by the RADIUS server or selected by the remote device itself.
•
Call accounting:
Records the number of “in” octets, “in” packets, “out” octets, and “out” packets; the multi-
session ID; and the number of seconds a B-channel is in service. (If desired, the number of calls can be
calculated by counting records with the same multi-session ID.)
Table 4-2 below and on the following pages describes supported attributes for the Access-Request, Access-
Accept, Access-Reject, Accounting-Request, and Accounting-Response packet types. Each of the attribute
types in the table are more fully described in RFC 2138 and RFC 2139.
Table 4-2. Supported RADIUS-Packet Attributes
ID
Attribute Name
Comments
1
User-Name
In Access-Request and Accounting-Request. Currently, this is always the device
name.
2
User-Password
In Access-Request.
3
CHAP-Password
In Access-Request.
4
NAS-IP-Address
In Access-Request and Accounting-Request.
5
NAS-Port
In Access-Request and Accounting-Request. The NAS-Port attribute can be
useful for determining physical resources used by a connection. It’s a 5-digit
number with the format:
<type> <wide area port> <channel>
<type>
is “1” for a digital call or “2” for an analog call.
<wide area port>
uses two digits to specify the port that the call is using.
<channel>
uses two digits to represent the channel on the line that the call
is using.
For example, an analog call on port 1, channel 0 would have a NAS-Port
attribute of “20100”.
6
Service-Type
In Access-Request and Access-Accept. The only supported Service-Type
is Framed (Framed protocol PPP).
7
Framed-Protocol
In Access-Request and Access-Accept. The only supported Framed Protocol
is PPP.
