HP VPN Firewall Appliances Access Control Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

201

202

203

204

205

206

207

208

209

210

195

No. Attribute Descri

tion

12 Framed-MTU MTU for the data link between the user and NAS.

14 Login-IP-Host IP address of the NAS interface that the user accesses.

15 Login-Service Type of the service that the user uses for login.

18 Reply-Message

Text to be displayed to the user, which can be used by the server to indicate,

for example, the reason of the authentication failure.

26 Vendor-Specific

Vendor specific attribute. A packet can contain one or more such proprietary

attributes, each of which can contain one or more sub-attributes.

27 Session-Timeout Maximum service duration for the user before termination of the session.

28 Idle-Timeout Maximum idle time permitted for the user before termination of the session.

31 Calling-Station-Id User identification that the NAS sends to the server.

32 NAS-Identifier Identification that the NAS uses to identify itself to the RADIUS server.

40 Acct-Status-Type

Type of the Accounting-Request packet. Possible values include:

• 1—Start.

• 2—Stop.

• 3—Interim-Update.

• 4—Reset-Charge.

• 7—Accounting-On. (Defined in the 3rd Generation Partnership Project.)

• 8—Accounting-Off. (Defined in the 3rd Generation Partnership Project.)

• 9 to 14—Reserved for tunnel accounting.

• 15—Reserved for failed.

45 Acct-Authentic

Authentication method used by the user. Possible values include:

• 1—RADIUS.

• 2—Local.

• 3—Remote.

60 CHAP-Challenge

CHAP challenge generated by the NAS for MD5 calculation during CHAP

authentication.

61 NAS-Port-Type

Type of the physical port of the NAS that is authenticating the user. Possible

values include:

• 15—Ethernet.

• 16—Any type of ADSL.

• 17—Cable (with cable for cable TV).

• 19—WLAN-IEEE 802.11.

• 201—VLAN.

• 202—ATM.

If VLANs are implemented on an Ethernet port, the value of this attribute is

201.

79 EAP-Message

Used to encapsulate EAP packets to allow RADIUS to support EAP

authentication.

80 Message-Authenticator

Used for authentication and verification of authentication packets to prevent

spoofing Access-Requests. This attribute is present when EAP authentication is

used.

87 NAS-Port-Id String for describing the port of the NAS that is authenticating the user.