|
|
CiscoSecure ACS provides support for many Remote Access Dial-In User Service (RADIUS) attribute-value (AV) pairs. Included with CiscoSecure ACS are the full AV pairs contained in Cisco IOS Release 11.2, Ascend, and IETF-RADIUS. You can enable different AV pairs for any of the supported AV. Listed in this appendix are the supported AV pairs specific to each vendor.
Before selecting AV pairs for the CiscoSecure ACS, confirm that your network access server (NAS) is running Cisco IOS Release 11.2 or later or compatible NAS software, for RADIUS support.
Note If you specify a given AV pair on the CiscoSecure ACS, the corresponding AV pair must be implemented in the Cisco IOS software running on the NAS. As a result, always consider what AV pairs your Cisco IOS release supports on the NAS. If CiscoSecure ACS sends those AV pairs to the NAS, and the Cisco IOS software does not support them, the attribute you requested cannot be implemented.
Table C-1 lists the AV pairs provided in the Cisco IOS software.
Table C-2 lists the supported RADIUS (IETF) attributes. In cases where the attribute has a security server-specific format, the format is specified.
Table C-3 lists the supported RADIUS (IETF) accounting attributes. In cases where the attribute has a security server-specific format, the format is specified.
This file contains dictionary translations for parsing requests and generating responses. All transactions are composed of AV pairs. The value of each attribute is specified as one of five valid data types:
· ipaddr—4 octets in network byte order
· integer—32-bit value in big endian order (high byte first)
· date—32-bit value in big endian order - for example, seconds since 00:00:00 GMT, Jan. 1, 1970
Enumerated values are stored in the user file with dictionary value translations for easy administration.
Posted: Mon Jan 20 21:20:05 PST 2003
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.