6 The server processes the accounting request locally.
To implement tunneled accounting, you must configure the classmap.ini file to specify how attributes should be presented, and you must configure the spi.ini file to specify the keys that are used to encrypt and decrypt users’ identity information.
Attributes
You work with RADIUS attributes while setting up users, profiles, and RADIUS clients on the RSA RADIUS Server. The RSA RADIUS Server Administrator program allows you to choose RADIUS attributes by name from a predefined list. For each attribute, the RSA RADIUS Administrator prompts you to enter values using familiar data types such as string, integer, telephone number, or network address.
Dictionaries
RSA RADIUS Server uses dictionary files to store lists of RADIUS attributes. RSA RADIUS Server uses these dictionaries to parse authentication and accounting requests and generate responses.
The main RSA RADIUS Server dictionary file (radius.dct) lists attributes defined by the RADIUS standard. The radius.dct file resides in the same directory as the RSA RADIUS Server service (usually C:\Program Files \RSA Security\RSA RADIUS\Service on Windows computers and /opt/rsa/radius on Solaris and Linux computers).
Vendor-Specific Attributes
In addition to the standard attributes, many RAS devices use
Make/Model Field
During RSA RADIUS Server configuration, when you make a selection in the RADIUS client Make/model field, you are telling the server which dictionary file contains the VSAs for this client device. Thereafter, whenever the server receives a RADIUS packet from this client device, it can consult this dictionary file for any
12 | About RSA RADIUS Server | September 2005 |