Can FreeRADIUS send non-standard VSAs?
aland at deployingradius.com
Fri Apr 26 22:16:13 CEST 2019
On Apr 26, 2019, at 2:54 PM, Ian Pilcher <arequipeno at gmail.com> wrote:
> I'm beating my head against the RBAC VSAs used by a couple of Dell /
> Force 10 switches. Specifically, I am trying to figure out the binary
> format of the "Force10-avpair" VSA that is documented here:
> You'll note that the documentation makes no mention of a vendor-specific
> ID for the Force10-avpair attribute. Neither does anything else that
> Google can find, and Dell support is completely flummoxed.
Given that they're copying the Cisco-AVPair functionality, the best guess is that it's ID 1.
> I'm starting to think that it's possible that there is no ID. Maybe
> Force 10 ignored the latter part of section 5.26 of RFC 2865 and just
> defined their VSA(s) as a simple string (without any vendor type or
> vendor length fields).
> Is it possible to get FreeRADIUS to send a VSA like this?
Vendor-Specific := 0x010203040506070809 ...
More information about the Freeradius-Users