Web info

nonstandard attributes that it encounters in the packet. Standard RADIUS attributes are always defined by the radius.dct file. If you do not know the make/model for a RADIUS client, choose the default option: - Standard Radius -.

For the most part, the selections currently available in the Make/model field are devices whose vendors have provided up-to-date attribute dictionaries. Documentation for these vendors and their products is available online by

clicking the button on the RADIUS Clients panel (described on page 45).

Updating Attribute Information

If your RAS vendor announces a new product, a new attribute, or a new value for an attribute, you can add this information to your RSA RADIUS Server configuration. You can edit the dictionary file for that vendor to add new attributes or attribute values, or you can create a new vendor-specific dictionary file that contains new attributes and values.

For information on modifying vendor dictionary files, refer to the

RSA RADIUS Server 6.1 Reference Guide.

Attribute Lists

You can use profiles to control authentication at finer levels of detail than simple user ID and password checking allow. Checklists and return lists provide powerful tools for the authentication and authorization of users.

Checklist Attributes

A checklist is a list of attributes that must accompany the request for connection before the connection request can be authenticated. The RAS must send attributes that match the checklist associated with a user entry; otherwise, RSA RADIUS Server rejects the user even if the user’s name and password are valid.

By including appropriate attributes in the checklist, a variety of rules can be enforced. For example, only specific users might be permitted to use ISDN or dial-in connections to a particular RAS, or Caller ID might be used to validate a user against a list of acceptable originating telephone numbers.

A checklist is created by choosing attributes from a list of all RADIUS attributes known to the RSA RADIUS Server. This list can include a variety of vendor-specific attributes.

RSA RADIUS Server 6.1 Administrator’s Guide

About RSA RADIUS Server

13

Page 25
Image 25
RSA Security 6.1 manual Attribute Lists, Updating Attribute Information, Checklist Attributes