[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]

SDX 6.4.x Integration Guide > Integrating Merit RADIUS > Extending Dictionary Files with JUNOSe Parameters for the Merit AAA Server

Extending Dictionary Files with JUNOSe Parameters for the Merit AAA Server

In addition to supporting standard RADIUS attributes, the JUNOSe router supports JUNOSe-specific attributes. These attributes must be introduced to the Merit AAA server. You must use the RADIUS attributes for both Merit AAA server-JUNOSe router integration and Merit AAA server-JUNOSe router-SDX integration. See the JUNOSe Broadband Access Configuration Guide for more information about the RADIUS attributes supported by the JUNOSe router.

If you use the Merit AAA server package that we supply, you do not need to extend the dictionary files, and you can proceed to the next section. If, however, you use another version of the Merit AAA server, you must extend the dictionary file.

In such a case, move to the configuration directory of the Merit AAA installation, and edit the dictionary file. Append the JUNOSe-specific attributes to the dictionary file in the following way:

  1. Access the directory in which you installed the Merit AAA installation.
    2. cd /opt/UMC/radius
  2. Open the radius.dct file.
  3. At the end of the file, add the JUNOSe attributes. 
    4. # Juniper Networks Inc.

    #       E-series Extensions

    

    Juniper.attr     Virtual-Router-Name           1  string      (1, 0, 0)

    Juniper.attr     Address-Pool-Name             2  string      (1, 0, 0)

    Juniper.attr     Local-Loopback                3  string      (1, 0, 0)

    Juniper.attr     Primary-DNS                   4  ipaddr      (1, 0, 0)

    Juniper.attr     Secondary-DNS                 5  ipaddr      (1, 0, 0)

    Juniper.attr     Primary-WINS                  6  ipaddr      (1, 0, 0)

    Juniper.attr     Secondary-WINS                7  ipaddr      (1, 0, 0)

    Juniper.attr     Tunnel-Virtual-Router         8  string      (1, 0, 0)

    Juniper.attr     Tunnel-Password               9  string      (1, 0, 0)

    Juniper.attr     Ingress-Policy-Name           10 string      (1, 0, 0)

    Juniper.attr     Egress-Policy-Name            11 string      (1, 0, 0)

    Juniper.attr     Ingress-Statistics            12 integer     (1, 0, 0)

    Juniper.attr     Egress-Statistics             13 integer     (1, 0, 0)

    Juniper.attr     Atm-Service-Category          14 integer     (1, 0, 0)

    Juniper.attr     Atm-PCR                       15 integer     (1, 0, 0)

    Juniper.attr     Atm-SCR                       16 integer     (1, 0, 0)

    Juniper.attr     Atm-MBS                       17 integer     (1, 0, 0)

    Juniper.attr     Cli-Initial-Access-Level      18 string      (1, 0, 0)

    Juniper.attr     Cli-Allow-All-VR-Access       19 integer     (1, 0, 0)

    Juniper.attr     Alternate-Cli-Access-Level    20 string      (1, 0, 0)

    Juniper.attr     Alternate-Cli-Vrouter-Name    21 string      (1, 0, 0)

    Juniper.attr     Sa-Validate                   22 integer     (1, 0, 0)

    Juniper.attr     Igmp-Enable                   23 integer     (1, 0, 0)

    Juniper.attr     Pppoe-Description             24 string      (1, 0, 0)

    Juniper.attr     Redirect-VR-Name              25 string      (1, 0, 0)

    Juniper.attr     Qos-Profile-Name              26 string      (1, 0, 0)

    Juniper.attr     Pppoe-Max-Sessions            27 integer     (1, 0, 0)

    Juniper.attr     Pppoe-Url                     28 string      (1, 0, 0)

    Juniper.attr     Qos-Profile-Interface-Type    29 integer     (1, 0, 0)

    Juniper.attr     Tunnel-Nas-Port-Method        30 integer     (1, 0, 0)

    Juniper.attr     Service-Bundle                31 string      (1, 0, 0)

    Juniper.attr     Tunnel-Tos                    32 integer     (1, 0, 0)

    Juniper.attr     Tunnel-Maximum-Sessions       33 integer     (1, 0, 0)

    Juniper.attr     Framed-Ip-Route-Tag           34 string      (1, 0, 0)

    Juniper.attr     Tunnel-Dialout-Number         35 string      (1, 0, 0)

    Juniper.attr     Ppp-Username                  36 string      (1, 0, 0)

    Juniper.attr     Ppp-Password                  37 string      (1, 0, 0)

    Juniper.attr     Ppp-Authenticate-Protocol     38 integer     (1, 0, 0)

    Juniper.attr     Tunnel-Minimum-Bps            39 integer     (1, 0, 0)

    Juniper.attr     Tunnel-Maximum-Bps            40 integer     (1, 0, 0)

    Juniper.attr     Tunnel-Bearer-Type            41 integer     (1, 0, 0)

    Juniper.attr     Input-Gigapkts                42 integer     (1, 0, 0)

    Juniper.attr     Output-Gigapkts               43 integer     (1, 0, 0)

    Juniper.attr     Tunnel-Interface-Id           44 string      (1, 0, 0)

    Juniper.attr     Ipv6-Virtual-Router           45 string      (1, 0, 0)

    Juniper.attr     Ipv6-Local-Interface          46 string      (1, 0, 0)

    Juniper.attr     Ipv6-Primary-DNS              47 string      (1, 0, 0)

    Juniper.attr     Ipv6-Secondary-DNS            48 string      (1, 0, 0)

    Juniper.attr     Sdx-Service-Name              49 string      (1, 0, 0)

    Juniper.attr     Sdx-Session-Volume-Quota      50 string      (1, 0, 0)

    Juniper.attr     Tunnel-Disconnect-Cause-Info  51 string      (1, 0, 0)

    

    

    #    Ingress-Statistics Values

    

    Juniper.value     Ingress-Statistics          False           0

    Juniper.value     Ingress-Statistics          True            1

    

    #    Egress-Statistics Values

    

    Juniper.value     Egress-Statistics           False           0

    Juniper.value     Egress-Statistics           True            1

    

    #    Atm-Service-Category Values

    

    Juniper.value     Atm-Service-Category        UBR             1

    Juniper.value     Atm-Service-Category        UBRPCR          2

    Juniper.value     Atm-Service-Category        nrtVBR          3

    Juniper.value     Atm-Service-Category        CBR             4

    

    # Cli-Allow-All-VR-Access Values

    

    Juniper.value     Cli-Allow-All-VR-Access     False           0

    Juniper.value     Cli-Allow-All-VR-Access     True            1

    

    # Sa-Validate Values

    

    Juniper.value     Sa-Validate                 False           0

    Juniper.value     Sa-Validate                 True            1

    

    # Igmp-Enable Values

    

    Juniper.value     Igmp-Enable                 False           0

    Juniper.value     Igmp-Enable                 True            1

    

    #    Qos-Profile-Interface-Type Values

    

    Juniper.value     Qos-Profile-Interface-Type     IP              1

    Juniper.value     Qos-Profile-Interface-Type     ATM             2

    Juniper.value     Qos-Profile-Interface-Type     HDLC            3

    Juniper.value     Qos-Profile-Interface-Type     ETHERNET        4

    Juniper.value     Qos-Profile-Interface-Type     SERVER-PORT     5

    Juniper.value     Qos-Profile-Interface-Type     ATM-1483        6

    Juniper.value     Qos-Profile-Interface-Type     FRAME-RELAY     7

    Juniper.value     Qos-Profile-Interface-Type     MPLS-MINOR      8

    Juniper.value     Qos-Profile-Interface-Type     CBF             9

    Juniper.value     Qos-Profile-Interface-Type     IP-TUNNEL       10

    Juniper.value     Qos-Profile-Interface-Type     VLAN-SUB        11

    Juniper.value     Qos-Profile-Interface-Type     PPPOE-SUB       12

    

    #    Tunnel-Nas-Port-Method Values

    

    Juniper.value     Tunnel-Nas-Port-Method         none            0

    Juniper.value     Tunnel-Nas-Port-Method         CISCO-CLID      1

    

    #    Ppp-Authenticate-Protocol

    

    Juniper.value     Ppp-Authenticate-Protocol      None            0

    Juniper.value     Ppp-Authenticate-Protocol      PAP             1

    Juniper.value     Ppp-Authenticate-Protocol      CHAP            2

    Juniper.value     Ppp-Authenticate-Protocol      PAP-CHAP        3

    Juniper.value     Ppp-Authenticate-Protocol      CHAP-PAP        4

    

    #    Tunnel-Bearer-Type

    

    Juniper.value     Tunnel-Bearer-Type             None            0

    Juniper.value     Tunnel-Bearer-Type             ANALOG          1

    Juniper.value     Tunnel-Bearer-Type             DIGITAL         2

The next step defines the JUNOSe router as the network access server (NAS) to be recognized by the Merit AAA server. This involves the extension of the vendor file, which is located in /opt/UMC/radius/etc.

The vendor file contains a list of zero or more vendor entries. Each vendor entry contains a vendor name and a vendor number. Each entry optionally contains an interim way of mapping external (with respect to the RADIUS server) attribute numbers to internal (with respect to the RADIUS server) vendor-specific attributes. This optional mapping is used on RADIUS requests and responses. The following lines must be added, where every line starting with the character "#" indicates a comment: 

# Juniper Networks Inc. extensions 

ERX-VSA.attr ERX-VSA.value 4874 Juniper
[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]