Mixed Environment Question

Paul Stewart paul at paulstewart.org
Mon Jan 30 19:02:11 CET 2012

Hi there.


Thank you to those folks to helped me recently understanding the Juniper
attributes etc - much appreciated.


What is the practical issues with a users file entry that is mixing vendor
attributes?  Ie.


pstewart-stat   Auth-Type = System

        Service-Type = Framed,

        Framed-Protocol = PPP,

        Framed-IP-Address = xxx.xxx.xxx.73,

        Cisco-AVPair = "lcp:interface-config#2=rate-limit output 512000
375000 512000 conform-action transmit exceed-action drop",

        Cisco-AVPair = "lcp:interface-config#1=rate-limit input 512000
375000 512000 conform-action transmit exceed-action drop",

        ERX-Ingress-Policy-Name = lite,

        ERX-Egress-Policy-Name = lite


So far I have tested this on a Juniper ERX and it simply ignores the Cisco
attributes, which was what I'm hoping for.


I plan to float some Juniper attributes towards some Cisco gear at some
point to see how it handles it.  Anyone have much practical experience with
this?  Is it expected to always ignore additional VSA's or is it a 'crap
shoot' depending on the vendor?


We have customers that sometimes will connect to Cisco for example, but
could also connect that same username to a Juniper (not at the same time,
but within minutes of one another).  I am trying to come up with a users
file entry that keeps all vendor specific attributes in intact - am I
playing with fire?






-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120130/a6cd4d68/attachment.html>

More information about the Freeradius-Users mailing list