IPSec Tunnel Identification Attributes
Page 236 7750 SR RADIUS Attributes Reference Guide
IPSec Tunnel Identification Attributes
Table 79 details the different attributes that can be used in a Disconnect Message to identify one or
multiple IKEv2 remote-access tunnel(s).
1. Only one of the three identification methods should be used in a Disconnect Request, otherwise
the system will reject it by sending a Disconnect-NAK with [101] Error-Cause value set to 404
(Invalid Request).
2. If there are multiple tunnels having the specified IDi, then all these tunnels will be terminated.
Table 79: Disconnect Message: IPSec Tunnel Identification Attributes
ID method
1
Attribute ID Attribute Name Notes Identifies
1 87 NAS-Port-Id NAS-Port-Id+
Alc-IPsec-Serv-Id
+
a single IP Address
or IPv6 Prefix
attribute
Single IPSec
Tunnel
26-6527-61 Alc-IPSec-Serv-Id
8
97
Framed-IP-
Address
Framed-IPv6-
Prefix
2 44 Acct-Session-Id — Single IPSec
Tunnel for a given
public service
3 1 User-Name — All IPSec Tunnels
with the User-
Name as the IDi
2
To Next Page
Loading...
