RSA Security 6.1 manual Unspecified or 0.0.0.0 RAS IP address When you display

Page 101

XSubstrings – There are several places where a list of strings is the value of an attribute. The rule for specifying the data portion for these lists is that semicolons must delimit the substrings. For example, a DNIS list for a tunnel entry might be specified as 555-1212;5551212. If a semicolon needs to appear inside a substring, it can be escaped by placing a backslash character

(\) before it.

XHexadecimal values – Hexadecimal numbers (for attributes of syntax type hex1, hex2 or hex4) require a 0x prefix in front of the hexadecimal digits; for example 0x0000149a.

XProfiles, checklists, and return lists – Checklists associated with profiles can include default attributes, which allows you to mark a checklist attribute as optional. To signal that a checklist attribute is a default attribute, preface the attribute value with the string %default%.

Return lists associated with profiles can include attributes whose contents are the value of received attribute. This feature is referred to as “echoing” the attribute. To signal that a return list attribute must be treated as an echo attribute, specify the attribute value as the string %echo%.

XUnspecified or 0.0.0.0 RAS IP address – When you display

acct_stats_by_nasipaddr information, any RAS entries with an unspecified IP address or an IP address of 0.0.0.0 are omitted. Similarly, when you display acct_stats_by_nas information, RAS entries with an unspecified IP address or an IP address of 0.0.0.0 have nasipaddr attribute omitted.

XDuplicate RAS IP addresses – When displaying

acct_stats_by_nasipaddr information, two RAS entries that contain the same (non-zero) IP address cause information about one of the entries to be displayed twice. This is the result of the ambiguity of the query and is not a bug.

XRADIUS client information displayed after deletion – If you define a RADIUS client entry, send some accounting traffic to it, and then delete the entry, the output of ldapsearch queries continues to list the deleted RADIUS client so that the per-RAS statistics add up to the total RAS statistics.

RSA RADIUS Server 6.1 Administrator’s Guide Using the LDAP Configuration Interface

89

Image 101
Contents RSA Radius Server 6.1 Administrator’s Guide Contact Information Trademarks Distribution Contents Chapter Installing the RSA Radius Server Chapter Administering Profiles Glossary Index What’s In This Manual About This GuideAudience Syntax Conventions RSA Radius Server Documentation Related DocumentationVendor Information Requests for Comments RFCsBefore You Call for Customer Support Getting Support and ServiceThird-Party Products About RSA Radius Server RSA Radius Server FeaturesAbout RSA Radius Server September RSA Radius Server OverviewRSA Radius Authentication Radius Packets Radius Client Configuration Radius ConfigurationRadius Server Configuration Radius Shared SecretsNode Secret Radius SecretReplication Secret Radius Ports AuthenticationAccounting Comma-Delimited Log Files Accounting SequenceTunneled Accounting Dictionaries AttributesVendor-Specific Attributes Make/Model FieldUpdating Attribute Information Checklist AttributesAttribute Lists Multi-Valued Attributes Attribute ValuesReturn List Attributes Orderable Attributes Default ValuesSystem Assigned Values Echo PropertyCentralized Configuration Management Designating a New Primary Radius Server Replacing a Replica Radius ServerChanging the Name or IP Address of a Server Recovering a Replica After a Failed DownloadBefore You Begin Installing the RSA Radius ServerRequired Files Data Migration/RegistrationSystem Requirements Installing on WindowsIf you are installing a Replica RSA Radius Server, click Installing the RSA Radius ServerUninstalling the RSA Radius Server Software Installer Syntax Installing on SolarisPath Reppkg Installing the RSA Radius Server SoftwareEnter RSA administration port Stopping and Starting the Radius Daemon Migration Log File Linux Server System Requirements Installing on LinuxShould be overwritten Installing the RSA Radius Server Software Enter RSA administration port Etc/init.d/sbrd stop # ./uninstallrsa.sh Running RSA Radius Administrator Using RSA Radius AdministratorFile Menu Navigating in RSA Radius AdministratorRSA Radius Administrator Menus Panel Menu See , Administering Radius Clients onHelp Menu RSA Radius Administrator ToolbarWeb Menu Adding an Entry RSA Radius Administrator WindowsSample Add Window Editing an EntrySample Edit Window Cutting/Copying/Pasting RecordsResizing Columns Using Context MenusChanging Column Sequence Sorting InformationAdding a License Key Accessing Online HelpDisplaying Version Information Add a License for Server Window Exiting the RSA Radius AdministratorRadius Clients Panel Administering Radius ClientsAdd Radius Client Window Adding a Radius ClientSecret to display the characters in the shared secret Deleting a Radius Client Verifying a Shared SecretPage Administering Radius Clients September About Profiles Administering ProfilesAdding a Checklist or Return List Attribute for a Profile Resolving Profile and User Attributes Default ProfileAdding a Profile Setting Up ProfilesClick Add to add this attribute/value pair to the list Removing a Profile Administering Profiles September Displaying Statistics Displaying Server Authentication StatisticsStatistics Panel System Authentication Statistics Radius client is sending incorrectly formed packets to Statistics Panel System Accounting Statistics Displaying Server Accounting StatisticsAccounting Statistic Meaning Displaying Radius Client Statistics Resetting Server StatisticsOptionally, sort the messages by clicking a column header Displaying Statistics September Administering Radius Servers Adding a Radius Server Manually Replication PanelAdd Server Window Deleting a Radius Server Enabling a Radius ServerNotifying Replica Radius Servers Publishing Server Configuration InformationDesignating a New Primary Radius Server Recovering a Replica After a Failed DownloadChanging the Name or IP Address of a Server Regenerating a Node Secret Resetting the Radius Database Administering Radius Servers September Logging Files Using the Radius System LogLogging Controlling Log File Size Level of Logging DetailAccounting Log File Format Using the Accounting LogComma Placeholders First Line HeadingsAcct-Status-Type Standard Radius Accounting AttributesAcct-Input-Packets P e n d i x a Ldap Configuration Interface FileLdap Utilities About the Ldap Configuration InterfaceDownloading the Ldap Utilities Ldap RequestsLdap Version Compliance Configuring the Ldap TCP PortAvailable Attributes Ldap Virtual SchemaLdap Schema Slide 2 Ldap Schema Slide 3 Cn=username,o=radius -w passcode cachedPW Unspecified or 0.0.0.0 RAS IP address When you display Searching for Records Ldap Command ExamplesLdapmodify Option Meaning Modifying RecordsWhere Adding Records Deleting Records Stattype server Statistics VariablesCounter Statistics Stattype accounting Stattype authenticationRate Statistics Using the Ldap Configuration Interface September AAA GlossaryDNS Tokencode Radius Servers TLS 104 Glossary September Index Tokencode