Per Vendor NAS-Port documentation

Alan DeKok aland at
Wed Mar 30 18:48:49 CEST 2011

Olivier Bilodeau wrote:
> I was wondering if there has been a collective effort to document the
> meaning of the NAS-Port by the various Network Vendors?

  Some, not much.

> We are working on PacketFence here (an open source NAC) and we translate
> the NAS-Port to the ifIndex so we can request a dot1x reauthentication
> to the ifIndex if we want to (ie: IDS event).

  That might work.  Sometimes.

> We've done the translation by ourselves since vendor documentation is
> often lacking and I was thinking there must exist such a resource. Does
> anyone here know?

  If we have information, it's on the Wiki.  Otherwise... it's hard.

  Most switch vendors do the Right Thing, and map NAS-Port to the switch
port.  For PPP, DSL, or WiFi systems, the NAS-Port is often meaningless.

> I know we could use CoA with the original NAS-Port but it's less
> supported than the SNMP PAE Reauthenticate MIBs.


  Alan DeKok.

More information about the Freeradius-Users mailing list