User Guide
OmniAccess SafeGuard OS Administration Guide
295
Chapter 6: Configuring Authentication and Role Derivation
For example, the following shows the specification of the 3Com Corporations’s User
Access Level attribute:
3com 43 3Com-User-Access-Level 1 integer
The user downloads a VSA file by using the following copy command:
copy tftp:/ip/filename radius-dictionary
After the file completes downloading, the syntax is checked. If there are errors they are
printed to the console and no update action is taken. When the file has successfully
parsed, the file is copied to permanent storage and the box must be rebooted using the
reload command. When the box reboots, the VSAs are added to the CLI and to the
parsing engine.
type Each vendor has a unique 3-byte OUI which is
appended to a one-byte tag to provide a VSA
value. These are conforming attributes. Each
conforming attribute in the system can be of the
following types:
■ int – The protocol unit being specified is
converted into a standard 32-bit signed
integer. If fewer than 4 bytes are found in the
PDU the resulting value is sign extended. If
more than 4 bytes are found, the value is
truncated.
■ uint – The protocol unit being specified. It is
converted into a standard 32-bit unsigned
integer. The rules are the same as for signed
integers.
■ MAC – 6 byte MAC address. MAC addresses
may be specified in any of the following
formats:
aa:bb:cc:dd:ee:ff
aabb:ccdd:eeff
aa-bb-cc-dd-ee-ff
aabb.ccdd.eeff
aabbccddeeff
■ IP – 4 byte IP address.
■ string – The printable characters in the
protocol unit are copied into a NULL-
terminated character string. The value will be
truncated at the first non-printable character.
Syntax
Description
ip The IP address.
filename The filename of the VSA file.