Hi guys,
here are some links covering RADIUS attributes.
For the purpose of quick navigation during the lab, I reckon it is
better to refer to some documents where those attributes are within a
context, not just a bare list.
IOS EZ VPN related
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_esyvpn/configuration/12-4t/sec-easy-vpn-srvr.html#GUID-D0BC5B4D-7BDB-44B6-B49F-EBBD79F1D185
*IOS SSL VPN related*
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_sslvpn/configuration/12-4t/sec-conn-sslvpn-ssl-vpn.html#GUID-F005501D-8992-48A9-8D4A-7650D7554A3F
ASA EZ VPN and SSL VPN related
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ref_extserver.html#wp1661512
ACS RADIUS attributes reference list
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/A_RADAtr.html
ACS TACACS attributes list
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2.1/User_Guide/A_TACAtr.html
CAR RADIUS attributes list
http://www.cisco.com/en/US/docs/net_mgmt/access_registrar/5.1/user/guide/a_attrib.html
HTHJ
A.
On 7/22/2012 12:10 PM, Eugene Pefti wrote:
Good point, Marta,
I wish there's a consolidated documentation showing how to properly
form those attributes with the required service for different
scenarios -- auth-proxy, shell access, VPN and so on.
I.e. we do auth-proxy via RADIUS and it's not enough to know the
attribute name - Name=proxyacl.
The syntax is auth-proxy:proxyacl#1=permit ip any any"
And so on for other situations and scenarios.
Eugene
*From:*[email protected]
[mailto:[email protected]] *On Behalf Of
*Marta Sokolowska
*Sent:* Saturday, July 21, 2012 4:35 PM
*To:* GuardGrid
*Cc:* ccie_security
*Subject:* Re: [OSL | CCIE_Security] Radius VSA
Type the following command on the router's CLI:
show aaa attributes
--
Marta Sokolowska.
2012/7/22 GuardGrid <[email protected] <mailto:[email protected]>>
Guys,
Where in the documentation do we get the complete listing of all
attributes like below for RADIUS and TACACS for that matter,
ipsec:tunnel-type=ESP
ipsec:key-exchange=IKE
ipsec:tunnel-password=ipexpert
ipsec:inacl=SPLIT
ipsec:save-password=1
I found some in examples for configuring EZVPN but not a seperate
section of just these VSA not IETF's.
Let me know.
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
