Vendor specific attributes in Access-Accept message
Alan DeKok
aland at deployingradius.com
Sat Sep 22 00:32:51 CEST 2018
On Sep 21, 2018, at 6:08 PM, Andrei Abonyo Omondi <AOmondi at Safaricom.co.ke> wrote:
>
> Hello i am trying to send below two Cisco Vendor Specific Attributess in every access-accept message. How do i do this?
You add them like any other attribute. There are many, many, examples included with the server.
> CiscoAVPair := "subqos-policy-in=S99_IN_POLICING_5Mbps"
> CiscoAVPair := "subqos-policy-out=S99_OUT_POLICING_5Mbps"
>
> I've read that i need to add the VSAs to the dictionary but i cant figure out how to do this.
No, you don't need to do this.
> Also how do i set the rule that in every access-accept the VSA are sent?
The server configuration is run for every Access-Request. If the user is accepted, they will always get the same response.
> I tried adding them to the user file luck this but no luck…
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - -
> testing Cleartext-Password := "password"
> CiscoAVPair := "subqos-policy-in=S99_IN_POLICING_5Mbps"
> CiscoAVPair := "subqos-policy-out=S99_OUT_POLICING_5Mbps"
That's not formatted correctly. It helps to read the file you're editing. There are many, many, examples in that file of correctly formatted entries.
See also "man users". This is documented.
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - -
>
> This is what I'm getting from radiusd -X output
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
> reading pairlist file /etc/raddb/mods-config/files/authorize
> /etc/raddb/mods-config/files/authorize[90]: Parse error (reply) for entry testing: Expecting operator
The file is formatted incorrectly.
> Failed reading /etc/raddb/mods-config/files/authorize
> /etc/raddb/mods-enabled/files[9]: Instantiation failed for module "files"
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
>
> If someone could also point me to a good guide or wiki on adding and testing VSAs that would be great
This has nothing to do with VSAs. You need to format the file correctly.
Alan DeKok.
More information about the Freeradius-Users
mailing list