From dictionary.tunnel...
ATTRIBUTE Tunnel-Type 64 integer has_tag
what is mean by "has_tag"??
I'm currently working on RADIUS - MPLS-VPN project, and from example given by cisco.. Some of attributes needed for doing L2TP tunnelling are as below:
Tunnel-Type = :1:L2TP Tunnel-Medium-Type = :1:IP Tunnel-Server-Endpoint = :1:172.21.9.13
So what is ":1" from ":1:L2TP" means ??
The ":1" is the tag, and the "has_tag" portion of the dictionary definition you refer to above informs the RADIUS software that it should expect (or append when necessary) certain characters as part of the attribute.
From the RFCs included in the 'rfc' sub-directory of the 'doc' directory of the FreeRADIUS source code:
Tag
The Tag field is one octet in length and is intended to provide a
means of grouping attributes in the same packet which refer to the
same tunnel. Valid values for this field are 0x01 through 0x1F,
inclusive. If the value of the Tag field is greater than 0x00 and
less than or equal to 0x1F, it SHOULD be interpreted as indicating
which tunnel (of several alternatives) this attribute pertains;
otherwise, the Tag field SHOULD be ignored.The tags mean nothing to the RADIUS server itself; the definition above is explaining how the NAS is going to use/interpret the Tag.
As well, I'm not sure which RADIUS server that syntax (e.g. Tunnel-Type = :1:L2TP) is correct for, but for FreeRADIUS the attributes should be configured as follows:
Tunnel-Password:0 = "xxxxxxxx", Tunnel-Medium-Type:0 = IP, Tunnel-Type:0 = L2TP, Tunnel-Server-Endpoint:0 = "xxx.xxx.xxx.xxx"
HTH,
Chris Brotsos
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
