Filter
Top Products
RSA RADIUS Server 6.1 Administrator’s Guide About RSA RADIUS Server 13
nonstandard attributes that it encounters in the packet. Standard RADIUS
attributes are always defined by the
radius.dct file. If you do not know the
make/model for a RADIUS client, choose the default option:
- Standard
Radius -
.
For the most part, the selections currently available in the
Make/model field are
devices whose vendors have provided up-to-date attribute dictionaries.
Documentation for these vendors and their products is available online by
clicking the
Web info button on the RADIUS Clients panel (described on
page 45).
Updating Attribute Information
If your RAS vendor announces a new product, a new attribute, or a new value for
an attribute, you can add this information to your RSA RADIUS Server
configuration. You can edit the dictionary file for that vendor to add new
attributes or attribute values, or you can create a new vendor-specific dictionary
file that contains new attributes and values.
For information on modifying vendor dictionary files, refer to the
RSA RADIUS Server 6.1 Reference Guide.
Attribute Lists
You can use profiles to control authentication at finer levels of detail than simple
user ID and password checking allow. Checklists and return lists provide powerful
tools for the authentication and authorization of users.
Checklist Attributes
A checklist is a list of attributes that must accompany the request for connection
before the connection request can be authenticated. The RAS must send
attributes that match the checklist associated with a user entry; otherwise,
RSA RADIUS Server rejects the user even if the user’s name and password are
valid.
By including appropriate attributes in the checklist, a variety of rules can be
enforced. For example, only specific users might be permitted to use ISDN or
dial-in connections to a particular RAS, or Caller ID might be used to validate a
user against a list of acceptable originating telephone numbers.
A checklist is created by choosing attributes from a list of all RADIUS attributes
known to the RSA RADIUS Server. This list can include a variety of
vendor-specific attributes.