R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101
118
No. Attribute No.
Attribute
28 Idle-Timeout 75 Password-Retry
29 Termination-Action 76 Prompt
30 Called-Station-Id 77 Connect-Info
31 Calling-Station-Id 78 Configuration-Token
32 NAS-Identifier 79 EAP-Message
33 Proxy-State 80 Message-Authenticator
34 Login-LAT-Service 81 Tunnel-Private-Group-id
35 Login-LAT-Node 82 Tunnel-Assignment-id
36 Login-LAT-Group 83 Tunnel-Preference
37 Framed-AppleTalk-Link 84 ARAP-Challenge-Response
38 Framed-AppleTalk-Network 85 Acct-Interim-Interval
39 Framed-AppleTalk-Zone 86 Acct-Tunnel-Packets-Lost
40 Acct-Status-Type 87 NAS-Port-Id
41 Acct-Delay-Time 88 Framed-Pool
42 Acct-Input-Octets 89 (unassigned)
43 Acct-Output-Octets 90 Tunnel-Client-Auth-id
44 Acct-Session-Id 91 Tunnel-Server-Auth-id
NOTE:
• The attribute types listed in Table 41 a
re defined in RFC 2865, RFC 2866, RFC 2867, and RFC 2868.
• For more information about commonly used standard RADIUS attributes, see “Commonly used
standard RADIUS attributes.“
Extended RADIUS attributes
The RADIUS protocol features excellent extensibility. Attribute 26 (Vender-Specific), an attribute defined
by RFC 2865, allows a vender to define extended attributes to implement functions that the standard
RADIUS protocol does not provide.
A vendor can encapsulate multiple sub-attributes in the type-length-value (TLV) format in RADIUS packets
for extension of applications. As shown in Figure 85, a sub-at
tribute encapsulated in Attribute 26 consists
of the following parts:
• Vendor-ID—Indicates the ID of the vendor. Its most significant byte is 0; the other three bytes
contains a code that is compliant to RFC 1700. The vendor ID of HP is 25506. For more information
about the proprietary RADIUS sub-attributes of HP, see “HP proprietary RADIUS sub-attributes.“
• Vendor-Type—Indicates the type of the sub-attribute.
• Vendor-Length—Indicates the length of the sub-attribute.
• Vendor-Data—Indicates the contents of the sub-attribute.