H3C Technologies H3C WX3000 Series Unified Switches User Manual

Page 249

Advertising
background image

25-6

5) The Authenticator field (16 bytes) is used to authenticate the response from the RADIUS server;

and is used in the password hiding algorithm. There are two kinds of authenticators: Request
Authenticator and Response Authenticator.

6) The Attributes field contains specific authentication/authorization/accounting information to provide

the configuration details of a request or response message. This field contains a list of field triplet
(Type, Length and Value):

z

The Type field (one byte) specifies the type of an attribute. Its value ranges from 1 to 255.

Table

26-2

lists the attributes that are commonly used in RADIUS authentication/authorization.

z

The Length field (one byte) specifies the total length of the attribute in bytes (including the Type,
Length and Value fields).

z

The Value field (up to 253 bytes) contains the information of the attribute. Its format is determined
by the Type and Length fields.

Table 26-2

RADIUS attributes

Type field value

Attribute type

Type field value

Attribute type

1 User-Name

23 Framed-IPX-Network

2 User-Password

24 State

3 CHAP-Password

25 Class

4 NAS-IP-Address

26 Vendor-Specific

5 NAS-Port

27 Session-Timeout

6 Service-Type

28 Idle-Timeout

7 Framed-Protocol

29 Termination-Action

8 Framed-IP-Address

30 Called-Station-Id

9 Framed-IP-Netmask

31 Calling-Station-Id

10 Framed-Routing

32 NAS-Identifier

11 Filter-ID

33 Proxy-State

12 Framed-MTU

34 Login-LAT-Service

13 Framed-Compression

35 Login-LAT-Node

14 Login-IP-Host

36 Login-LAT-Group

15 Login-Service

37 Framed-AppleTalk-Link

16 Login-TCP-Port

38 Framed-AppleTalk-Network

17 (unassigned)

39 Framed-AppleTalk-Zone

18

Reply-Message

40-59

(reserved for accounting)

19 Callback-Number

60 CHAP-Challenge

20 Callback-ID

61 NAS-Port-Type

21 (unassigned)

62 Port-Limit

22 Framed-Route

63 Login-LAT-Port

The RADIUS protocol has good scalability. Attribute 26 (Vender-Specific) defined in this protocol allows
a device vendor to extend RADIUS to implement functions that are not defined in standard RADIUS.

Advertising
Popular Brands
Popular manuals