Cisco Systems 10000 Network Router User Manual


 
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 16 Configuring RADIUS Features
Extended NAS-Port-Type and NAS-Port Support
Feature History for Extended NAS-Port-Type and NAS-Port Support
NAS-Port-Type (RADIUS Attribute 61)
Remote Authentication Dial-In User Service (RADIUS) attributes define specific Authentication,
Authorization, and Accounting (AAA) elements in a user profile, which is stored on the RADIUS daemon.
The supported Internet Engineering Task Force (IETF) RADIUS attributes include attribute 61,
NAS-Port-Type, which indicates the type of physical port the network access server (NAS) is using
to authenticate the user.
However, there was no method to identify NAS-Port-Type based on a specific broadband service type,
because the RADIUS RFC does not support extended types that define these types of ports. In effect,
all PPPoA, PPPoEoE, and PPPoEoA sessions were identified as VIRTUAL, and all PPPoEoVLAN and
PPPoEoQinQ sessions as ETHERNET.
The Extended NAS-Port-Type Attribute Support feature expands NAS-Port-Type, attribute 61, so that
the client can better identify what type of service is taking place on the different types of ports.
One advantage of this feature is that service providers can have their own coding mechanism to track
users on given ports differently. Service providers may especially want to track customers using shared
resources such as Ethernet or ATM interfaces that have VLANs (or Q-in-Q) and VCs connected to
certain customers.
The configuration command radius-server attribute 61 extended enables identification of the
following new, non-RFC-compliant broadband service port types, which are indicated by these numeric
values:
Value 30: PPPoA
Value 31: PPPoEoA
Value 32: PPPoEoE
Value 33: PPPoEoVLAN
Value 34: PPPoEoQinQ
An additional capability is that subinterfaces such as VLAN, Q-in-Q, VC, or VC ranges can override
the NAS-Port-Type attribute value sent for any session that resides on them. This capability
provides an extra level of granularity for service providers in managing their end users and allows
further differentiation of customer usage. This capability is provided with the radius attribute
nas-port-type [value] command.
The value for NAS-Port-Type can be any number chosen by the customer. In particular, customizing your
own value is useful when you need to differentiate the NAS-Port-Type based on which type of end client
is actually using the port. For example, if you want to track mobile clients behind a specific PVC, you
can define your own NAS-Port-Type for mobile clients.
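The following Python example is added here and is not part of the Cisco guide: it shows how a RADIUS collector could decode attribute 61 from a request and map the extended values listed above back to the VIRTUAL or ETHERNET type the same session reported before the feature. The function names, the custom override map, and the sample packet are constructed for illustration; 5 and 15 are the RFC 2865 values for Virtual and Ethernet.

```python
import struct

NAS_PORT_TYPE = 61  # RADIUS attribute number
# Extended values from the list above -> (service, type reported without the feature)
EXTENDED = {
    30: ("PPPoA", "Virtual"),
    31: ("PPPoEoA", "Virtual"),
    32: ("PPPoEoE", "Virtual"),
    33: ("PPPoEoVLAN", "Ethernet"),
    34: ("PPPoEoQinQ", "Ethernet"),
}
STANDARD = {5: "Virtual", 15: "Ethernet"}  # RFC 2865 values for the two legacy types

def iter_attributes(packet: bytes):
    """Yield (type, value) for each attribute TLV after the 20-byte RADIUS header."""
    if len(packet) < 20:
        raise ValueError("shorter than a RADIUS header")
    (length,) = struct.unpack("!H", packet[2:4])
    if not 20 <= length <= len(packet):
        raise ValueError("bad RADIUS length field")
    pos = 20
    while pos < length:
        # A lone trailing byte has no length octet; treat it as length 0 (malformed).
        a_type, a_len = packet[pos], packet[pos + 1] if pos + 1 < length else 0
        if a_len < 2 or pos + a_len > length:
            raise ValueError("malformed attribute")
        yield a_type, packet[pos + 2 : pos + a_len]
        pos += a_len

def classify_nas_port_type(packet: bytes, custom=None):
    """Return (value, label, legacy_type) for attribute 61, or None if absent."""
    for a_type, value in iter_attributes(packet):
        if a_type != NAS_PORT_TYPE:
            continue
        if len(value) != 4:
            raise ValueError("NAS-Port-Type must be a 4-byte integer")
        (n,) = struct.unpack("!I", value)
        if custom and n in custom:  # subinterface override: the operator chose the number
            return (n, custom[n], None)
        if n in EXTENDED:
            return (n, *EXTENDED[n])
        if n in STANDARD:
            return (n, STANDARD[n], STANDARD[n])
        return (n, "unlisted", None)
    return None

def build_request(nas_port_type: int) -> bytes:
    """Constructed sample Access-Request: User-Name plus NAS-Port-Type."""
    attrs = bytes([1, 5]) + b"bob" + bytes([NAS_PORT_TYPE, 6]) + struct.pack("!I", nas_port_type)
    return struct.pack("!BBH", 1, 7, 20 + len(attrs)) + bytes(16) + attrs
```

Because a subinterface override can carry any number, the collector needs the operator's own value map (the custom argument) to label those sessions; without it they fall through as unlisted.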
Cisco IOS Release | Description                                                     | Required PRE
12.3(7)XI1        | This feature was introduced on the Cisco 10000 series router.   | PRE2
12.2(28)SB        | This feature was integrated into Cisco IOS Release 12.2(28)SB.  | PRE2