Bay Networks Radius User Manual, Page 5

Now that MS-CHAP RADIUS attributes have been published in RFC 2548
[9] as Microsoft VSA attributes, it will become typical for NAS
clients that support MS-CHAP authentication to process several
Mitton Informational [Page 5]
RFC 2882 Extended RADIUS Practices July 2000
different vendor VSA types. This has implications for RADIUS servers
that filter or "prune" return attributes based on the vendor
make/model of the NAS client.
One NAS implementation can receive up to three different vendor
specific attribute sets, but will only send attributes according to
the "mode" that has been configured by the operator. This allows it
to fit into environments where the customer has become dependent on a
particular set of RADIUS attributes, and allows the NAS to "drop-in"
without server attribute changes.
There is another NAS that supports 3 vendor attribute sets
concurrently. That is, it will normally use a combination of
different vendor VSAs in return profiles from the server. This was
done to support a superset of competing vendors' extensions, as well
as its own, and include extensions from a sister product.
3. Attribute Data Types
The base RFCs define only 4 basic data types:
- integer, 32 bit unsigned
- string, 1-253 bytes, counted.
- ipaddr, 32 bit IPv4
- date, 32 bit Unix format.
Since then, various variations have been added:
The tunnel authentication document [6] adds an optional compound
"tag" byte to tunnel attributes. The tag is a single byte prepended
to the data field in order to support sets of attributes to be
returned. The byte value must be in the range 01-3F hex or it is
considered to be data.
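
An added example in Python (not part of RFC 2882 or of any vendor's code): it splits a buffer of attribute TLVs with length checks, decodes the four base data types, and applies the tag rule above, showing that an untagged value starting with an ASCII digit is read as tagged. Attribute type 200 and the sample bytes are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

TAG_MIN, TAG_MAX = 0x01, 0x3F   # tag range as stated in the text above

def split_attributes(buf):
    """Yield (type, value) for each attribute TLV; reject malformed lengths."""
    pos = 0
    while pos < len(buf):
        if len(buf) - pos < 2:
            raise ValueError("truncated attribute header")
        atype, alen = buf[pos], buf[pos + 1]
        # Length counts the type and length octets, so it can never be < 2,
        # and it must not run past the end of the buffer.
        if alen < 2 or pos + alen > len(buf):
            raise ValueError(f"bad length {alen} for attribute {atype}")
        yield atype, buf[pos + 2:pos + alen]
        pos += alen

def decode(value, kind):
    """Decode one of the four base data types listed above."""
    if kind == "string":
        if not 1 <= len(value) <= 253:
            raise ValueError("string must be 1-253 bytes")
        return value
    if len(value) != 4:
        raise ValueError(f"{kind} must be exactly 4 bytes")
    if kind == "ipaddr":
        return IPv4Address(value)
    return struct.unpack("!I", value)[0]   # integer and date: 32-bit unsigned

def split_tag(value, tag_min=TAG_MIN, tag_max=TAG_MAX):
    """Return (tag, data) for a tagged string; tag is None if byte 0 is data."""
    if value and tag_min <= value[0] <= tag_max:
        return value[0], value[1:]
    return None, value

# Constructed sample: type 1 string, type 8 ipaddr, then two strings of the
# hypothetical tagged type 200: one with tag 0x01, one untagged ("site").
SAMPLE = (bytes([1, 5]) + b"bob" + bytes([8, 6, 192, 0, 2, 7])
          + bytes([200, 7, 0x01]) + b"pw-a" + bytes([200, 6]) + b"site")

# An untagged value that begins with an ASCII digit (0x30-0x39) falls inside
# 01-3F, so its first byte is consumed as a tag: the ambiguity of an
# optional in-band tag byte.
AMBIGUOUS = split_tag(b"10.0.0.1")
```

A server that prunes or rewrites tagged attributes should apply the same range as the NAS it talks to, since the two ends otherwise disagree on where the data starts.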
Note that there is no native support for IPv6 addresses. In fact IPv6
support is missing in some fixed message components too.
There have been special attribute types created within servers. For
packet filters, the format called "abinary" was created. The user
enters an ASCII string filter description in the user profile, but
the server parses it into a binary string before passing it to the
NAS. This lowers the complexity of the NAS parser. Also a
"phonestring" server data type allows additional data type checking
at the entry application.