: freeradius-users-bounces+paul=paulstewart@lists.freeradius.org
[mailto:freeradius-users-bounces+paul=paulstewart@lists.freeradius.org] On
Behalf Of Alan DeKok
Sent: Tuesday, January 31, 2012 2:32 AM
To: FreeRadius users mailing list
Subject: Re: Mixed Environment Question
Paul Stewart wrote:
I
Hi there.
Thank you to those folks to helped me recently understanding the Juniper
attributes etc - much appreciated.
What is the practical issues with a users file entry that is mixing vendor
attributes? Ie.
pstewart-stat Auth-Type = System
Service-Type = Framed,
So far I have tested this on a Juniper ERX and it simply ignores the Cisco
attributes, which was what I’m hoping for.
It has to according to RFC 2865, if it doesn't open a support call with Juniper.
I plan to float some Juniper attributes towards some Cisco gear at some point
to
mailing list
Subject: Re: Mixed Environment Question
So far I have tested this on a Juniper ERX and it simply ignores the Cisco
attributes, which was what I'm hoping for.
It has to according to RFC 2865, if it doesn't open a support call with
Juniper.
I plan to float some
@lists.freeradius.org]
On Behalf Of Arran Cudbard-Bell
Sent: Monday, January 30, 2012 1:18 PM
To: FreeRadius users mailing list
Subject: Re: Mixed Environment Question
So far I have tested this on a Juniper ERX and it simply ignores the Cisco
attributes, which was what I’m hoping for.
It has
@lists.freeradius.org
[mailto:freeradius-users-bounces+paul=paulstewart@lists.freeradius.org]
On Behalf Of Arran Cudbard-Bell
Sent: Monday, January 30, 2012 2:29 PM
To: FreeRadius users mailing list
Subject: Re: Mixed Environment Question
Hi Paul,
Just double checked and found this is actually only
Paul Stewart wrote:
I will roll a ticket with Juniper as their MX series in my testing does
**not** ignore additional VSA’s – I just proved it out in our lab.
What does it do?
I suppose I shouldn't be surprised at the crazy things people do to
break RADIUS.
Alan DeKok.
-
List
Arran Cudbard-Bell wrote:
Hmm RFC 5080 expounds a bit more on Clients and attribute processing:
In general, it is best for a RADIUS client to err on the side of
caution. On receiving an Access-Accept including an attribute of
known Type for an unimplemented service, a RADIUS client
8 matches
Mail list logo