RADIUS ATTRIBUTES REFERENCE GUIDE
RELEASE 14.0.R4
RADIUS Attributes Reference
Issue: 01 3HE 10793 AAAB TQZZA 01 11
2 User-Password The password of the user to be authenticated, or the user's input following
an Access-Challenge. For PPPoE users it indirectly maps to the password
provided by a PPPoE PAP user in response to the PAP Authenticate-
Request. For IPoE/ARP hosts it indirectly maps to a preconfigured
password (configure subscriber-mgmt authentication-policy name
password password or configure aaa isa-radius-policy name
password password).
3 CHAP-Password Provided by a PPPoE CHAP user in response to the CHAP challenge.
The CHAP challenge sent by the NAS to a PPPoE CHAP user is part of
the CHAP authentication sequence RFC 1994, PPP Challenge
Handshake Authentication Protocol (CHAP), (Challenge, Response,
Success, Failure). The user generated CHAP password length is equal to
the defined Limits and contains a one byte CHAP-Identifier from the user's
CHAP Response followed by the CHAP Response from the user.
4 NAS-IP-Address The identifying IP Address of the NAS requesting the Authentication or
Accounting. Included when the RADIUS server is reachable via IPv4. The
address is determined by the routing instance through which the RADIUS
server can be reached:
“Management” — The active ipv4 address in the Boot Options File (bof
address ipv4-address)
“Base” or “VPRN” — the ipv4 address of the system interface (configure
router interface system address address).
The address can be overwritten with the configured source-address
(configure aaa radius-server-policy policy-name servers source-
address ip-address).
5 NAS-Port The physical access-circuit on the NAS which is used for the
Authentication or Accounting of the user. The format of this attribute is
configurable on the NAS as a fixed 32 bit value or a parameterized 32 bit
value. The parameters can be a combination of outer-vlan-id(o), inner-
vlan-id(i), slot number(s), MDA number(m), port number or lag-id(p), ATM
VPI(v) and ATM VCI(c), fixed bit values zero (0) or one (1) but cannot
exceed 32 bit. The format can be configured for following applications:
configure aaa l2tp-accounting-policy name include-radius-attribute
nas-port, configure router l2tp cisco-nas-port, configure service
vprn service-id l2tp cisco-nas-port, configure subscriber-mgmt
authentication-policy name include-radius-attribute nas-port,
configure subscriber-mgmt radius-accounting-policy name include-
radius-attribute nas-port.
6 Service-Type The type of service the PPPoE user has requested, or the type of service
to be provided for the PPPoE user. Optional in RADIUS-Accept and CoA.
Treated as a session setup failure if different from Framed-User.
Table 2 Subscriber Host Identification (Description) (Continued)
Attribute ID Attribute Name Description
To Next Page
Loading...
