Freeradius authentication for VSP VOSS Switch

shamsher singh mr.shamshersingh at gmail.com
Thu Mar 23 22:01:22 UTC 2023 

How would I configure the following on the Freeradius, the following works
on the Windows server 2016 radius client.

The following are the default RADIUS Vendor Specific Attribute values
supported by VOSS switches. The same attribute values need to be configured
on RADIUS server.

The RADIUS server needs to be configured to send the Vendor Specific
Attribute (VSA), identified as Attribute 26, back to the VSP containing the
following values:

   - The Vendor Code value for the Vendor Specific Attribute is: 1584.
   - The Vendor Assigned Attribute Number for the Vendor Specific Attribute
   is 192.
   - The Attribute Format for the Vendor Specific Attribute is: decimal.
   - The Attribute Value for the Vendor Specific Attribute is 6.

Attribute 26 which is the Vendor-Specific attribute (VSA) within RADIUS
which encapsulates vendor specific attributes. Attribute 26 allows vendors
to support their own custom attributes.

Shamsher

On Sat, Mar 4, 2023 at 6:02 AM Igor Smitran <sigor at blic.net> wrote:

> It looks like you are sending attribute that your switch doesn't recognize.
>
> Maybe you should send something like
>
> Access-Priority = 6
>
> instead of
>
> Service-Type = Administrative-User
>
> Maybe your switch rejects all access requests that contain unrecognized
> attributes.
>
> Also, you should include freeradius dictionary in freeradius in case you
> didn't.
>
>
> Igor
>
> On 4.3.23. 02:18, Alan DeKok wrote:
> > On Mar 3, 2023, at 7:48 PM, shamsher singh<mr.shamshersingh at gmail.com>
> wrote:
> >> As per the Extreme support
> >    Copying web pages to the mailing list won't help.
> >
> >> eg : "Free Radius" Script :
> >    That's a dictionary.  We know what it is.  We already have copies.
> >
> >> I am not sure what else to configure on the switch or on the Freeradius.
> >    It's a networking issue, or a shared secret issue.
> >
> >    FreeRADIUS sends an Access-Accept.  FreeRADIUS is working fine.
> >
> >    Something else in the network is broken.  We don't know what it is.
> But we do know that it's not FreeRADIUS.
> >
> >    This is not a problem we can help with.
> >
> >    Alan DeKok.
> >
> > -
> > List info/subscribe/unsubscribe? Seehttp://
> www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list