A vendor can encapsulate multiple sub-attributes in the type-length-value (TLV) format in RADIUS packets for extension of applications. As shown in a, a sub-attribute that can be encapsulated in Attribute 26 consists of the following parts:

Vendor-ID—Indicates the ID of the vendor. Its most significant byte is 0; the other three bytes contains a code that is compliant to RFC 1700.

Vendor-Type—Indicates the type of the sub-attribute.

Vendor-Length—Indicates the length of the sub-attribute.

Vendor-Data—Indicates the contents of the sub-attribute.

a.Segment of a RADIUS packet containing an extended attribute

Protocols and standards

RFC 2865, Remote Authentication Dial In User Service (RADIUS)

RFC 2866, RADIUS Accounting

RFC 2867, RADIUS Accounting Modifications for Tunnel Protocol Support

RFC 2868, RADIUS Attributes for Tunnel Protocol Support

RFC 2869, RADIUS Extensions

Configuring RADIUS

Configuration task list

NOTE:

The RADIUS scheme configured through the web interface is named system.

If there is no RADIUS scheme named system in the system, when you select Authentication RADIUS to enter the RADIUS module, a scheme named system is created automatically.

1.RADIUS configuration task list

TaskDescription

 

Required

Configuring RADIUS

Configure the information related to the primary and

authentication servers

secondary RADIUS authentication servers.

 

By default, no RADIUS authentication server is configured.

For more information, see “Configuring RADIUS servers.”

Page 380
Image 380
HP V1910 Configuring Radius, Segment of a Radius packet containing an extended attribute, Radius configuration task list