EasyManua.ls Logo

Alcatel-Lucent 8950 AAA - Page 157

Alcatel-Lucent 8950 AAA
476 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Understanding and Creating Attribute SetsUsing the 8950 AAA Policy Assistant in Server
Management Tool
............................................................................................................................................................................................................................................................
365-360-001R6.0
Issue 1, December 2008
9-17
............................................................................................................................................................................................................................................................
The 8950 AAA server supports session provisioning by returning reply attributes to the
NAS upon a successful authentication. Reply attributes, stored in a attribute set, or
possibly a user profile, provide additional parameters the NAS needs to complete an
access request. By including appropriate reply attributes in a policy, a variety of
connection configurations can be applied. For example, a user can be assigned a specific
IP addresses, IP header compression can be turned on or off, or a time limit can be
assigned to the connection. Table 9-2 lists attributes allowed in an Access-Accept that are
commonly used as reply attributes.
Time-Of-Day Define allowed access times by
day-of-week and/or hour-of-day.
Time-Of-Day = Wk0800-
1700
Table 9-2 List of Attributes allowed in an Access–Accept available as Reply
Attributes
Attribute Name Description Required Max
User-Name Sets the User-Name for the
session. Use if the NAS should
send accounting for a name other
than the name used for
authentication
No 1
Service-Type The type of protocol. Typically set
to “Framed-Protocol” for IP
networks.
No 1
Framed-Protocol The framing protocol to be used,
typically PPP.
No 1
Framed-IP-Address Assigns an IP Address for the
session
No 1
Framed-IP-Netmask Assigns a Netmask for the session No 1
Filter-Id Sets an IP filter to use for the
session. The filter must have been
defined or be available to the
NAS.
No No limit
Figure 9-9 Sample List of Verification Attributes
Attribute Name
Description of Use of this
Attribute as a Verification
Attribute Example

Table of Contents