Cisco Hack

Arran Cudbard-Bell a.cudbardb at
Fri Jun 6 14:20:26 CEST 2014

On 6 Jun 2014, at 12:44, Alan DeKok <aland at> wrote:

> Arran Cudbard-Bell wrote:
>> I'll add it to the cisco dictionary.
>  Only if it's correct.
>  He could have simply invented the definition, which shouldn't be
> reproduced.

It's a proper cisco attribute name (I checked). AFAIK the Cisco-AVPair definitions don't have proper protocol equivalent? As in There's no proper DSP-ID VSA defined by Cisco, only the one in their shitty format.

I'm guessing the reason why the other attributes like that in the Cisco dictionary are given protocol attribute numbers (> 1 && <= 255) is so that FreeRADIUS can be used to proxy to less able RADIUS servers. Is that right?

So numbering of the Cisco-AVPair definitions is really completely arbitrary, they just have to not conflict with actual Cisco VSAs (of which there seems to be a few too).


Arran Cudbard-Bell <a.cudbardb at>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list