[j-nsp] JNPR Radius VSA

Marlon Duksa mduksa at gmail.com
Wed Oct 1 17:41:27 EDT 2008 

Hi,

I'm trying to assign filter name to JNPR subscriber on MX  through Radius.

But JNPR debugging is telling me that the attribute that I'm trying to pass
as a filter name from Radius is 'unknown'.

 Does anyone know what could be possibly behind this error message? JNPR
documentation is saying that the attribute should be supported. I also tried
some other JNPR VSA attributes such as Primary-DNS (just to test it) and I
don't get any error message.



Maybe there is something with encoding of the filter-name attribute??



This is how my Radius entry looks like:

DEFAULT         User-Name =~ "([a-z]+):([0-9]+)[^a-z]+([a-z]+):([0-9]+)$",
Auth-Type := Local, User-Password == "usrpass"

                        ERX-Ingress-Policy-Name = "ingress",       <- this
is the attribute that I'm trying to pass





this is the attribute definition from the dictionary file:

ATTRIBUTE       ERX-Ingress-Policy-Name                 10      string





And this is what Radius is sending back:



auth: user supplied User-Password matches local User-Password

Sending Access-Accept of id 61 to 114.0.1.1 port 50628

        ERX-Ingress-Policy-Name = "ingress"

Finished request 0

Going to the next request

--- Walking the entire request list ---

Waking up in 6 seconds...







And this is the error message on JNPR:





Client 00-00-64-01-01-02 got event CLIENT_EVENT_DISCOVER_PDU in state
RELAY_STATE_INIT

Oct  1 21:28:31 Profile_get using regular profile basic-profile

Oct  1 21:28:31 jdhcpd_session_db_client_add: setting giaddr 20.0.0.1

Oct  1 21:28:31 jdhcpd_session_db_client_add: setting IP addr Key 20.0.0.1

Oct  1 21:28:31 jdhcpd_session_db_client_add: setting LR name  default

Oct  1 21:28:31 jdhcpd_session_db_client_add: setting RI name  default

Oct  1 21:28:31 sdb username   circuit:0remote:0

Oct  1 21:28:31 jdhcpd_session_db_client_add: setting profile name
basic-profile

Oct  1 21:28:31 jdhcpd_session_db_client_add: setting inner vlan_ID 1

Oct  1 21:28:31 jdhcpd_session_db_client_add: setting underlying interface
ge-0/0/0.1

Oct  1 21:28:31 session DB create got entry id 111

Oct  1 21:28:31 asking authd for authentication

Oct  1 21:28:31 Auth reply retval 1

Oct  1 21:28:31 got unknown auth attr from session db 325

Oct  1 21:28:31 Client 00-00-64-01-01-02 got event CLIENT_EVENT_AUTH_REQ_ACK
in state RELAY_STATE_WAIT_AUTH_REQ

Oct  1 21:28:31 Auth request reply SUCCESS

Oct  1 21:28:31 *** relaying packet ***

Oct  1 21:28:31 added giaddr 20.0.0.1

 Thanks,

Marlon

More information about the juniper-nsp mailing list