I have the same opinion, Eugene - there should be one place where we can find all those attributes, without memorizing them. That's why I was very happy when I discovered we have a full list on the router - because I have a really short memory! ;-)
Marta Sokolowska. 2012/7/22 Eugene Pefti <[email protected]> Good point, Marta,**** > > I wish there's a consolidated documentation showing how to properly form > those attributes with the required service for different scenarios - > auth-proxy, shell access, VPN and so on.**** > > I.e. we do auth-proxy via RADIUS and it's not enough to know the attribute > name - Name=proxyacl.**** > > The syntax is auth-proxy:proxyacl#1=permit ip any any"**** > > And so on for other situations and scenarios.**** > > ** ** > > Eugene**** > > ** ** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Marta Sokolowska > *Sent:* Saturday, July 21, 2012 4:35 PM > *To:* GuardGrid > *Cc:* ccie_security > *Subject:* Re: [OSL | CCIE_Security] Radius VSA**** > > ** ** > > Type the following command on the router's CLI: > > show aaa attributes > > -- > > Marta Sokolowska.**** > > 2012/7/22 GuardGrid <[email protected]>**** > > Guys,**** > > ** ** > > Where in the documentation do we get the complete listing of all > attributes like below for RADIUS and TACACS for that matter,**** > > ** ** > > ipsec:tunnel-type=ESP**** > > ipsec:key-exchange=IKE**** > > ipsec:tunnel-password=ipexpert**** > > ipsec:inacl=SPLIT**** > > ipsec:save-password=1**** > > ** ** > > ** ** > > I found some in examples for configuring EZVPN but not a seperate section > of just these VSA not IETF's.**** > > ** ** > > Let me know.**** > > ** ** > > ** ** > -- -- Marta SokoĊowska.
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
