+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Interface Name...

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

Type - 26 for Vendor-Specific

Length - >7

Vendor-Id - 14179

Vendor type - 5

Vendor length - >0

Value - A string that includes the name of the interface the client is to be assigned to.

Note: This Attribute only works when MAC Filtering is enabled, or if 802.1X or WPA is used as the security policy.

VLAN-Tag

This attribute indicates the group ID for a particular tunneled session, and is also known as the Tunnel-Private-Group-ID attribute.

This attribute MAY be included in the Access-Request packet if the tunnel initiator can predetermine the group resulting from a particular connection and SHOULD be included in the Access-Accept packet if this tunnel session is to be treated as belonging to a particular private group. Private groups may be used to associate a tunneled session with a particular group of users. For example, it may be used to facilitate routing of unregistered IP addresses through a particular interface. It SHOULD be included in Accounting-Request packets which contain Acct-Status-Type attributes with values of either Start or Stop and which pertain to a tunneled session.

A summary of the Tunnel-Private-Group-ID Attribute format is shown below. The fields are transmitted from left to right.

0123

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type Length Tag String...

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type - 81 for Tunnel-Private-Group-ID.

Length - >= 3

Tag - The Tag field is one octet in length and is intended to provide a means of grouping attributes in the same packet which refer to the same tunnel. If the value of the Tag field is greater than 0x00 and less than or equal to 0x1F, it SHOULD be interpreted as indicating which tunnel (of several alternatives) this attribute pertains. If the Tag field is greater than 0x1F, it SHOULD be interpreted as the first byte of the following String field.

String - This field must be present. The group is represented by the String field. There is no restriction on the format of group IDs.

Tunnel Attributes

Note: When any of the other RADIUS attributes in this section are returned, the Tunnel Attributes must also be returned.

5/26/05

Configuring Identity Networking for Operating System

OL-7426-03

 

Page 119 Page 121
Page 120
Image 120
Cisco Systems OL-7426-03 quick start VLAN-Tag, Tunnel Attributes
Page 119 Page 121
Top Page Image Contents