User-definable attributes in the RADIUS client

As of LCOS version 9.20, LANconfig provides the option to independently configure all of the RADIUS attributes for the communications with RADIUS servers.

In LANconfig, you configure the attributes under Communication > RADIUS in the sections Authentication via RADIUS for PPP and clip and Tunnel authentication via RADIUS for L2TP.

Attribute values

LCOS facilitates the configuration of the RADIUS attributes used to communicate with a RADIUS server (for authentication and accounting). The attributes are specified in a semicolon-separated list of attribute numbers or names along with a corresponding value in the form <Attribute_1>=<Value_1>;<Attribute_2>=<Value_2>. As the number of characters is limited, the name can abbreviated. The abbreviation must be unique, however. Examples:

• NAS-Port=1234 is not allowed, because the attribute is not unique (NAS-Port, NAS-Port-Id or NAS-Port-Type).
• NAS-Id=ABCD is allowed, because the attribute is unique (NAS-Identifier).

Attribute values can be used to specify names or RFC-compliant numbers. For the device , the specifications Service-Type=Framed and Service-Type=2 are identical. Specifying a value in quotation marks ("<Value>") allows you to specify special characters such as spaces, semicolons or equals signs. The quotation mark requires a leading backslash (\"), as does the backslash itself (\\). The following variables are permitted as values:

%n

Device name

%e

Serial number of the device

%%

Percent sign

%{name}

Original name of the attribute as transferred by the RADIUS application. This allows attributes to be set with the original RADIUS attributes, for example: Called-Station-Id=%{NAS-Identifier} sets the attribute Called-Station-Id to the value with the attribute NAS-Identifier.