FreeRadius with 3COM

Bjørn Mork bjorn at mork.no
Sat Nov 7 12:32:53 CET 2009


Alan DeKok <aland at deployingradius.com> writes:
> Bjørn Mork wrote:
>> tnt at kalik.net writes:
>>> Switch users guide. It will tell you what attributes and what values to
>>> return.
>> 
>> Really?  That would be most unusual.
>
>   The documentation from normal switch vendors includes instructions on
> how to configure the switch.  e.g. from the CLI, or from RADIUS.

Yes.  But usually that documentation is limited to how you configure
radius server address, port and key, and sometimes timeouts and/or
failover strategy.  VSAs are also usually documented.  But the standard
RFC attributes and their meaning to the switch/router are rarely
documented in my experience.

Now, you could argue that those attributes are documented in RFCs which
the documentation most often will refer to, which of course is correct.
But the fact is that the answer to this particular question isn't very
obvious the first time you configure management access to a switch (or
router or access point or whatever).  And we've all been there.  Some of
us were lucky and inherited a working configuration a decade ago.  Some
are not so lucky.

I may be wrong (please prove me so!), but I don't think pointing to the
switch documentation will ever help if you got the Service-Type wrong.

>   If the documentation does not contain instructions for how to
> configure the switch, you should throw it in the garbage, and by a
> switch from a real vendor.

Oh, the documentation does contain instructions for how to configure the
switch.  But in vendor language "configure the switch" means using the
CLI or web GUI.  Interpretation of standard RADIUS attributes, or any
other protocol for that sake, is not considered part of the configuration. 
So you will know how to configure the switch, but you just don't know
how to configure the other end.  From the switch vendor's point of view,
that is part of the RADIUS server documentation.



Bjørn




More information about the Freeradius-Users mailing list