User:orig-name sub-attribute, User:auth-type sub-attribute – ADC SG-1 User Manual
Page 166
Appendix A: SG-1 Vendor-Specific Attributes
A-8
Format:
adc-avpair = "user:accounting=[disable | enable | lastpacket |enable-on-ip-update |
interim-update;
Example 1:
adc-avpair = "user:accounting=disable",
Example 2:
gcon-avpair = "user:accounting=interim-update;600",
user:orig-name sub-attribute
The user:orig-name sub-attribute contains the original user name as received during PPP negotiation. The sub-
attribute is sent in Access Request messages, only in operation modes that overwrite or that do not send the original
user name. It is used in the following modes:
• domain separator
• service authentication
General:
Format:
adc-avpair =
"
user:orig-name=<original user name>",
Example:
adc-avpair = "user:orig-name=test",
user:auth-type sub-attribute
The user:auth-type sub-attribute contains the authentication type of the Access Request message sent by the
system to the RADIUS. It provides the RADIUS with additional information regarding the purpose of the
authentication. There are several irregular reasons for RADIUS authentication: pre-authentication, service selection,
and web-authentication.
• pre-authentication – the system authenticates the peer using the CLI before proceeding with the
user connection.
• service selection – the system authenticates the requested service in order to receive its definition
from the RADIUS.
• WEB authentication – the system authenticates the received user-name and password (using the USER-
PASS EDS field) with its configured RADIUS.
Operation Mode:
Access-Request message
Service-Request message
Vendor-type:
12
Vendor-length =
2 + name length + 1-128
Note:
The system sends this sub-attribute to the RADIUS and not vice versa.