Hi there.
Thank you to those folks to helped me recently understanding the Juniper
attributes etc - much appreciated.
What is the practical issues with a users file entry that is mixing vendor
attributes? Ie.
pstewart-stat Auth-Type = System
Service-Type = Framed,
Framed-Protocol = PPP,
Framed-IP-Address = xxx.xxx.xxx.73,
Cisco-AVPair = "lcp:interface-config#2=rate-limit output 512000
375000 512000 conform-action transmit exceed-action drop",
Cisco-AVPair = "lcp:interface-config#1=rate-limit input 512000
375000 512000 conform-action transmit exceed-action drop",
ERX-Ingress-Policy-Name = lite,
ERX-Egress-Policy-Name = lite
So far I have tested this on a Juniper ERX and it simply ignores the Cisco
attributes, which was what I'm hoping for.
I plan to float some Juniper attributes towards some Cisco gear at some
point to see how it handles it. Anyone have much practical experience with
this? Is it expected to always ignore additional VSA's or is it a 'crap
shoot' depending on the vendor?
We have customers that sometimes will connect to Cisco for example, but
could also connect that same username to a Juniper (not at the same time,
but within minutes of one another). I am trying to come up with a users
file entry that keeps all vendor specific attributes in intact - am I
playing with fire?
;)
Paul
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
