Filter
Top Products
Chapter 16 Port Authentication
GS-3012/GS-3012F User’s Guide
124
" Refer to the documentation that comes with your RADIUS server on how to
configure a VSA.
The following table describes the VSAs supported on the switch.
16.1.1.2 Tunnel Protocol Attribute
You can configure tunnel protocol attributes on the RADIUS server to assign a port on the
switch to a VLAN (fixed, untagged). This will also set the port’s VID. Refer to RFC 3580 for
more information.
Table 38 Supported VSA
FUNCTION ATTRIBUTE
Ingress Bandwidth
Assignment
Vendor-Id = 890
(ZyXEL)
Vendor-Type = 1
Vendor-data = ingress rate (decimal)
Egress Bandwidth
Assignment
Vendor-Id = 890 (ZyXEL)
Vendor-Type = 2
Vendor-data =
egress rate (decimal)
Privilege Assignment Vendor-ID = 890 (ZyXEL)
Vendor-Type = 3
Vendor-Data = "shell:priv-lvl=N"
or
Vendor-ID = 9 (CISCO)
Vendor-Type = 1 (CISCO-AVPAIR)
Vendor-Data = "shell:priv-lvl=N"
where
N is a privilege level (from 0 to 14).
Note: If you set the privilege level of a login account differently
on the RADIUS server(s) and the switch, the user is
assigned a privilege level from the database (RADIUS or
local) the switch uses first for user authentication.
Table 39 Supported Tunnel Protocol Attribute
FUNCTION ATTRIBUTE
VLAN Assignment Tunnel-Type = VLAN(13)
Tunnel-Medium-Type = 802(6)
Tunnel-Private-Group-ID =
VLAN ID
Note: You must also create a VLAN with the specified VID on
the switch.