During authentication, RSA RADIUS Server filters the checklist based on the dictionary for the RADIUS client that sent the authentication request. The server ignores any checklist attribute that is not valid for this device.
Return List Attributes
A return list is a list of attributes that RSA RADIUS Server must return to the RAS after authentication succeeds. The return list usually provides additional parameters that the RAS needs to complete the connection, typically as part of
PPPnegotiations. Return list attributes can be “authorization configuration parameters.”
By including appropriate attributes in the return list, you can create a variety of connection policies. Specific users can be assigned particular IP addresses or IPX network numbers; IP header compression can be turned on or off; or a time limit can be assigned to the connection.
You create a return list by choosing attributes from a list of all RADIUS attributes known to the RSA RADIUS Server. This list can include a variety of
During authentication, RSA RADIUS Server filters the return list based on the dictionary for the specific RADIUS client that sent the authentication request. The server omits any return list attribute that is not valid for this device.
Attribute Values
The value of each RADIUS attribute has a
Multi-Valued Attributes
Attributes can be single- or
If an attribute appears more than once in the checklist, this means that any one of the values is valid. For example, you can set up a checklist to include both Sync and Async values for attribute
If an attribute appears more than once in the return list, each value of the attribute is sent as part of the response packet. For example, to enable both IP and IPX header compression for a user, you would configure the
14 | About RSA RADIUS Server | September 2005 |
