RADIUS Attributes for L2TP
Junos OS supports the following types of RADIUS attributes for L2TP:
- Juniper Networks vendor-specific attributes (VSAs)
- Attribute-value pairs (AVPs) defined by the Internet Engineering Task Force (IETF)
- RADIUS accounting stop and start AVPs
Juniper Networks vendor-specific RADIUS attributes are described in RFC 2865, Remote Authentication Dial In User Service (RADIUS). These attributes are encapsulated with the vendor ID set to the Juniper Networks ID number 2636. Table 1 lists the Juniper Networks VSAs you can configure for L2TP.
Table 1: Juniper Networks Vendor-Specific RADIUS Attributes for L2TP
Attribute Name | Standard Number | Value |
|---|---|---|
Juniper-Primary-DNS | 31 | IP address |
Juniper-Primary-WINS | 32 | IP address |
Juniper-Secondary-DNS | 33 | IP address |
Juniper-Secondary-WINS | 34 | IP address |
Juniper-Interface-ID | 35 | String |
Juniper-IP-Pool-Name | 36 | String |
Juniper-Keep-Alive | 37 | Integer |
Table 2 lists the IETF RADIUS AVPs supported for LT2P.
Table 2: Supported IETF RADIUS Attributes for L2TP
Attribute Name | Standard Number | Value |
|---|---|---|
User-Name | 1 | String |
User-Password | 2 | String |
CHAP-Password | 3 | String |
NAS-IP-Address | 4 | IP address |
NAS-Port | 5 | Integer |
Service-Type | 6 | Integer |
Framed-Protocol | 7 | Integer |
Framed-IP-Address | 8 | IP address |
Framed-IP-Netmask | 9 | IP address |
Framed-MTU | 12 | Integer |
Framed-Route | 22 | String |
Session-Timeout | 27 | Integer |
Idle-Timeout | 28 | Integer |
Called-Station-ID | 30 | String |
Calling-Station-ID | 31 | String |
CHAP-Challenge | 60 | String |
NAS-Port-Type | 61 | Integer |
Framed-Pool | 88 | Integer |
Table 3 lists the supported RADIUS accounting start AVPs for L2TP.
Table 3: Supported RADIUS Accounting Start Attributes for L2TP
Attribute Name | Standard Number | Value |
|---|---|---|
User-Name | 1 | String |
NAS-IP-Address | 4 | IP address |
NAS-Port | 5 | Integer |
Service-Type | 6 | Integer |
Framed-Protocol | 7 | Integer |
Framed-IP-Address | 8 | IP address |
Called-Station-ID | 30 | String |
Calling-Station-ID | 31 | String |
Acct-Status-Type | 40 | Integer |
Acct-Delay-Time | 41 | Integer |
Acct-Session-ID | 44 | String |
Acct-Authentic | 45 | Integer |
NAS-Port-Type | 61 | Integer |
Tunnel-Client-Endpoint | 66 | String |
Tunnel-Server-Endpoint | 67 | String |
Acct-Tunnel-Connection | 68 | String |
Tunnel-Client-Auth-ID | 90 | String |
Tunnel-Server-Auth-ID | 91 | String |
Table 4 lists the supported RADIUS accounting stop AVPs for L2TP.
Table 4: Supported RADIUS Accounting Stop Attributes for L2TP
Attribute Name | Standard Number | Value |
|---|---|---|
User-Name | 1 | String |
Local-Loopback-Interface | 3 | String |
NAS-IP-Address | 4 | IP address |
NAS-Port | 5 | Integer |
Service-Type | 6 | Integer |
Framed-Protocol | 7 | Integer |
Framed-IP-Address | 8 | IP address |
Called-Station-ID | 30 | String |
Calling-Station-ID | 31 | String |
Acct-Status-Type | 40 | Integer |
Acct-Delay-Time | 41 | Integer |
Acct-Input-Octets | 42 | Integer |
Acct-Output-Octets | 43 | Integer |
Acct-Session-ID | 44 | String |
Acct-Authentic | 45 | Integer |
Acct-Session-Time | 46 | Integer |
Acct-Input-Packets | 47 | Integer |
Acct-Output-Packets | 48 | Integer |
Acct-Terminate-Cause | 49 | Integer |
Acct-Multi-Session-ID | 50 | String |
Acct-Link-Count | 51 | Integer |
NAS-Port-Type | 61 | Integer |
Tunnel-Client-Endpoint | 66 | String |
Tunnel-Server-Endpoint | 67 | String |
Acct-Tunnel-Connection | 68 | String |
Tunnel-Client-Auth-ID | 90 | String |
Tunnel-Server-Auth-ID | 91 | String |
