Cisco 3.3 User Manual
Page 681
C-9
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Appendix C RADIUS Attributes
Cisco VPN 3000 Concentrator Dictionary of RADIUS VSAs
Cisco VPN 3000 Concentrator Dictionary of RADIUS
VSAs
Cisco Secure ACS supports Cisco VPN 3000 RADIUS VSAs. The vendor ID for
this Cisco RADIUS Implementation is 3076.
lists the supported
Cisco VPN 3000 Concentrator RADIUS VSAs.
Note
Some of the RADIUS VSAs supported by Cisco VPN 3000 Concentrators are
interdependent. Before you implement them, we recommend that you refer to
Cisco VPN 3000-series Concentrator documentation.
To control Microsoft MPPE settings for users accessing the network through a
Cisco VPN 3000-series concentrator, use the CVPN3000-PPTP-Encryption (VSA
20) and CVPN3000-L2TP-Encryption (VSA 21) attributes. Settings for
CVPN3000-PPTP-Encryption (VSA 20) and CVPN3000-L2TP-Encryption (VSA
21) override Microsoft MPPE RADIUS settings. If either of these attributes is
enabled, Cisco Secure ACS determines the values to be sent in outbound RADIUS
(Microsoft) attributes and sends them along with the RADIUS (Cisco VPN 3000)
attributes, regardless of whether RADIUS (Microsoft) attributes are enabled in
the Cisco Secure ACS HTML interface or how those attributes might be
configured.
Table C-3
Cisco VPN 3000 Concentrator RADIUS VSAs
Number
Attribute
Type of Value
Inbound/Outbound
Multiple
1
CVPN3000-Access-Hours
String (maximum
length 247
characters)
Outbound
No
2
CVPN3000-Simultaneous-Logins
Integer (maximum
length 10
characters)
Outbound
No
5
CVPN3000-Primary-DNS
Ipaddr (maximum
length 15
characters)
Outbound
No