EasyManua.ls Logo

Alcatel-Lucent AOS-W 6.5.3.x - Page 183

Alcatel-Lucent AOS-W 6.5.3.x
1160 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
183| Authentication Servers AOS-W 6.5.3.x| User Guide
radsec-trusted-servercert-name <name>
To upload certificates through the CLI, see Importing Certificates.
To configure a Radsec server as RFC 3576 server for dynamic authorization (CoA), see on page 192.
RADIUS Server VSAs
Vendor-Specific Attributes (VSAs) are a method for communicating vendor-specific information between
Network Access Servers and RADIUS servers, allowing vendors to support their own extended attributes.
You can use Alcatel-Lucent VSAs to derive the user role and VLAN for RADIUS-authenticated clients on the
wired or Wi-Fi network, or define RTTS VSAs for a Cellular WLAN switch (CWC). The VSAs must be present on
your RADIUS server, which requires that you update the RADIUS dictionary file with the vendor name and/or
the vendor-specific code , the vendor-assigned attribute number, and the attribute format (such as string or
integer) for each VSA. For more information on VSA-derived user roles, see Configuring a VSA-Derived Role on
page 391
Table 43 describes Alcatel-Lucent-specific RADIUS VSAs, and Table 44 describes RTTS VSAs supported in AOS-W.
For the current and complete list of all VSAs available in the version of AOS-W currently running on your switch,
access the command-line interface and issue the command show aaa radius attributes.
VSA
Type Value
Description
Vendor
Name
Vendor
ID
Aruba-User-
Role
String 1 This VSA returns the role to be assigned to the user
post authentication. The user will be granted access
based on the role attributes defined in the role.
Aruba 14823
Aruba-User-
Vlan
Integer 2
This VSA returns the VLAN to be used by the client.
Range: 1–4094.
Aruba 14823
Aruba-Priv-
Admin-User
Integer 2
If this VSA is set in the RADIUS accept message, the
user can bypass the enable prompt.
Aruba 14823
Aruba-
Admin-Role
String 4
This VSA returns the management role to be
assigned to the user post management
authentication. This role can be seen using the
command show mgmt-role in the command-line
interface.
Aruba 14823
Aruba-Essid-
Name
String 5
String that identifies the name of the ESSID.
Aruba 14823
Aruba-
Location-Id
String 6
String that identifies the name of the AP location.
Aruba 14823
Aruba-Port-
Id
String 7
String that identifies the Port ID.
Aruba 14823
Aruba-
Template-
User
String 8
String that identifies the name of anAlcatel-Lucent
user template.
Aruba 14823
Table 43: Alcatel-Lucent RADIUS VSAs

Table of Contents