Cisco Systems OL-7426-03

5/26/05 Configuring Identity Networking for Operating System

OL-7426-03

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

| Interface Name...

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

•Type - 26 for Vendor-Specific

•Length - >7

•Vendor-Id - 14179

•Vendor type - 5

•Vendor length - >0

•Value - A string that includes the name of the interface the client is to be assigned to.

VLAN-TagVLAN-Tag

This attribute indicates the group ID for a particular tunneled session, and is also known as the

Tunnel-Private-Group-ID attribute.

This attribute MAY be included in the Access-Request packet if the tunnel initiator can predetermine the

group resulting from a particular connection and SHOULD be included in the Access-Accept packet if

this tunnel session is to be treated as belonging to a particular private group. Private groups may be

used to associate a tunneled session with a particular group of users. For example, it may be used to

facilitate routing of unregistered IP addresses through a particular interface. It SHOULD be included in

Accounting-Request packets which contain Acct-Status-Type attributes with values of either Start or

Stop and which pertain to a tunneled session.

A summary of the Tunnel-Private-Group-ID Attribute format is shown below. The fields are transmitted

from left to right.

0123

01234567890123456789012345678901

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

| Type | Length | Tag | String...

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

•Type - 81 for Tunnel-Private-Group-ID.

•Length - >= 3

•Tag - The Tag field is one octet in length and is intended to provide a means of grouping

attributes in the same packet which refer to the same tunnel. If the value of the Tag field is

greater than 0x00 and less than or equal to 0x1F, it SHOULD be interpreted as indicating which

tunnel (of several alternatives) this attribute pertains. If the Tag field is greater than 0x1F, it

SHOULD be interpreted as the first byte of the following String field.

•String - This field must be present. The group is represented by the String field. There is no

restriction on the format of group IDs.

Tunnel AttributesTunnel Attributes

Note: This Attribute only works when MAC Filtering is enabled, or if 802.1X or WPA is

used as the security policy.

Note: When any of the other RADIUS attributes in this section are returned, the

Tunnel Attributes must also be returned.