bjorn at mork.no
Thu Aug 25 13:08:18 CEST 2005
I was hoping to send a few salt-encrypted VSAs to an ERX using
FreeRADIUS Version 1.0.4, but I can't find any examples of how to do
that. Is it possible, and if so, how?
The format of the VSAs is documented on
My initial (far fetched) attempt was to modify dictionary.erx like
VENDOR ERX 4874
ATTRIBUTE ERX-Virtual-Router-Name 1 string
ATTRIBUTE ERX-LI-Action 58 integer encrypt=1
ATTRIBUTE ERX-Med-Dev-Handle 59 string encrypt=1
ATTRIBUTE ERX-Med-Ip-Address 60 ipaddr encrypt=1
ATTRIBUTE ERX-Med-Port-Number 61 integer encrypt=1
VALUE ERX-LI-Action off 0
VALUE ERX-LI-Action on 1
VALUE ERX-LI-Action noop 2
I also tried the other documented encrypt-values, with no success. As
probably should be expected?
The ERX seems to just ignore Access-Accept packets with any of these
attributes. They are not even logged as received. Not much help
Cisco has a bit better documentation with some examples (but not for
Does anyone have an idea of how to do this with FreeRADIUS?
More information about the Freeradius-Users