RADIUS Authentication Attributes
Attributes for 802.1X
The RADIUS 802.1X message attributes are:
MESSAGE: Access-Request
ATTRIBUTES:
- User-Name(1)
- NAS-IP-Adress(4)
- NAS-Port(5)
- Called-Station-Id(30) = <mac of Controller>:<ssid string>
- Calling-Station-Id(31)
- Framed-MTU(12)
- NAS-Port-Type(61) = Wireless-802.11(19)
- Connect-Info(77)
- Message-Authenticator(80)
OPTIONAL ATTRIBUTES (depends on EAP type):
- EAP-Message(79)
- State(24)
OPTIONAL ATTRIBUTES (depends on RADIUS based User Management)
- Service-Type(6) = Value:Login(1)
- User-Password(2) = Value:<password string>
MESSAGE: Access-Accept
ATTRIBUTES:
- Framed-Protocol(7) = PPP(1)
- Service-Type(6) = Framed-User(2)
- Class(25)
- Message-Authenticator(80)
OPTIONAL ATTRIBUTES (depends on EAP type):
- EAP-Message(79)
- OPTIONAL ATTRIBUTES (required for RADIUS-assigned VLAN):
- Tunnel-Medium-Type(65) = 802(6)
- Tunnel-Type(64) = VLAN(13)
- Tunnel-Private-Group-Id (81) = <the VLAN ID>
OPTIONAL ATTRIBUTES (depends on RADIUS based User Management)
- Filter-Id(11) = Value:<Privilege Level>:<1-15>