R2511-HP MSR Router Series Security Configuration Guide(V5)
17
Figure 9 Network diagram
This feature can help a multi-VPN-instance CE to implement portal authentication for VPNs. For more
information about multi-VPN-instance CEs, see MPLS Configuration Guide. For more information about
portal authentication, see "Configuring portal."
Protocols and standards
The following protocols and standards are related to AAA, RADIUS, and HWTACACS:
• RFC 2865, Remote Authentication Dial In User Service (RADIUS)
• RFC 2866, RADIUS Accounting
• RFC 2867, RADIUS Accounting Modifications for Tunnel Protocol Support
• RFC 2868, RADIUS Attributes for Tunnel Protocol Support
• RFC 2869, RADIUS Extensions
• RFC 1492, An Access Control Protocol, Sometimes Called TACACS
RADIUS attributes
This section provides tables of commonly used standard RADIUS attributes and HP proprietary RADIUS
sub-attributes.
Commonly used standard RADIUS attributes
No. Attribute Descri
p
tion
1 User-Name Name of the user to be authenticated.
2 User-Password
User password for PAP authentication, only present in Access-Request
packets when PAP authentication is used.
3 CHAP-Password
Digest of the user password for CHAP authentication, only present in
Access-Request packets when CHAP authentication is used.
4 NAS-IP-Address
IP address for the server to use to identify a client. Usually, a client is
identified by the IP address of its access interface. This attribute is only
present in Access-Request packets.
5 NAS-Port Physical port of the NAS that the user accesses.
6 Service-Type Type of service that the user has requested or type of service to be provided.
7 Framed-Protocol Encapsulation protocol for framed access.