RE: Mixed Environment Question

2012-01-31 Thread Paul Stewart
: freeradius-users-bounces+paul=paulstewart@lists.freeradius.org [mailto:freeradius-users-bounces+paul=paulstewart@lists.freeradius.org] On Behalf Of Alan DeKok Sent: Tuesday, January 31, 2012 2:32 AM To: FreeRadius users mailing list Subject: Re: Mixed Environment Question Paul Stewart wrote: I

Mixed Environment Question

2012-01-30 Thread Paul Stewart
Hi there. Thank you to those folks to helped me recently understanding the Juniper attributes etc - much appreciated. What is the practical issues with a users file entry that is mixing vendor attributes? Ie. pstewart-stat Auth-Type = System Service-Type = Framed,

Re: Mixed Environment Question

2012-01-30 Thread Arran Cudbard-Bell
So far I have tested this on a Juniper ERX and it simply ignores the Cisco attributes, which was what I’m hoping for. It has to according to RFC 2865, if it doesn't open a support call with Juniper. I plan to float some Juniper attributes towards some Cisco gear at some point to

RE: Mixed Environment Question

2012-01-30 Thread Paul Stewart
mailing list Subject: Re: Mixed Environment Question So far I have tested this on a Juniper ERX and it simply ignores the Cisco attributes, which was what I'm hoping for. It has to according to RFC 2865, if it doesn't open a support call with Juniper. I plan to float some

Re: Mixed Environment Question

2012-01-30 Thread Arran Cudbard-Bell
@lists.freeradius.org] On Behalf Of Arran Cudbard-Bell Sent: Monday, January 30, 2012 1:18 PM To: FreeRadius users mailing list Subject: Re: Mixed Environment Question So far I have tested this on a Juniper ERX and it simply ignores the Cisco attributes, which was what I’m hoping for. It has

RE: Mixed Environment Question

2012-01-30 Thread Paul Stewart
@lists.freeradius.org [mailto:freeradius-users-bounces+paul=paulstewart@lists.freeradius.org] On Behalf Of Arran Cudbard-Bell Sent: Monday, January 30, 2012 2:29 PM To: FreeRadius users mailing list Subject: Re: Mixed Environment Question Hi Paul, Just double checked and found this is actually only

Re: Mixed Environment Question

2012-01-30 Thread Alan DeKok
Paul Stewart wrote: I will roll a ticket with Juniper as their MX series in my testing does **not** ignore additional VSA’s – I just proved it out in our lab. What does it do? I suppose I shouldn't be surprised at the crazy things people do to break RADIUS. Alan DeKok. - List

Re: Mixed Environment Question

2012-01-30 Thread Alan DeKok
Arran Cudbard-Bell wrote: Hmm RFC 5080 expounds a bit more on Clients and attribute processing: In general, it is best for a RADIUS client to err on the side of caution. On receiving an Access-Accept including an attribute of known Type for an unimplemented service, a RADIUS client