beautypg.com

H3C Technologies H3C S3100 Series Switches User Manual

Page 305

background image

Operation Manual – AAA – RADIUS – HWTACACS

H3C S3100-52P Ethernet Switch

Chapter 1 AAA & RADIUS & HWTACACS

Configuration

1-6

2) The Identifier field (one byte) is used to match requests and responses. It changes

whenever the content of the Attributes field change, and whenever a valid
response has been received for a previous request, but remains unchanged for
message retransmission.

3) The Length field (two bytes) specifies the total length of the message (including

the Code, Identifier, Length, Authenticator and Attributes fields). The bytes beyond
the length are regarded as padding and are ignored upon reception. If a received
message is shorter than what the Length field indicates, it is discarded.

4) The Authenticator field (16 bytes) is used to authenticate the response from the

RADIUS server; and is used in the password hiding algorithm. There are two kinds
of authenticators: Request Authenticator and Response Authenticator.

5) The Attributes field contains specific authentication/authorization/accounting

information to provide the configuration details of a request or response message.
This field contains a list of field triplet (Type, Length and Value):

z

The Type field (one byte) specifies the type of an attribute. Its value ranges from 1
to 255. Table 1-2 lists the attributes that are commonly used in RADIUS
authentication/authorization.

z

The Length field (one byte) specifies the total length of the attribute in bytes
(including the Type, Length and Value fields).

z

The Value field (up to 253 bytes) contains the information of the attribute. Its format
is determined by the Type and Length fields.

Table 1-2

RADIUS attributes

Type field

value

Attribute type

Type field

value

Attribute type

1 User-Name

23 Framed-IPX-Network

2 User-Password

24 State

3 CHAP-Password

25 Class

4 NAS-IP-Address

26 Vendor-Specific

5 NAS-Port

27 Session-Timeout

6 Service-Type

28 Idle-Timeout

7 Framed-Protocol

29 Termination-Action

8 Framed-IP-Address

30 Called-Station-Id

9 Framed-IP-Netmask

31 Calling-Station-Id

10 Framed-Routing

32 NAS-Identifier

11 Filter-ID

33 Proxy-State

12 Framed-MTU

34 Login-LAT-Service

13 Framed-Compression

35 Login-LAT-Node

14 Login-IP-Host

36 Login-LAT-Group

See also other documents in the category H3C Technologies Routers: