Using RADIUS Plug-In Fields
This section describes the fields in RADIUS plug-ins.
Append Acct-Status-Type Attribute
- Specifies whether or not the plug-in includes the Acct-Status-Type attribute in a RADIUS accounting request packet.
- Values—Yes or No
- Default—Yes
- Property name —setAcctStatusType
Bind Address
- Source IP address that the plug-in uses to communicate with the RADIUS server.
- Value—IP address; if you do not specify an address, the global default address is used. The SAE automatically sets the global default address when you run the etc/config command during initial configuration of the SAE. The property for the global address is the AccountingMgr.local.address property in the /opt/UMC/sae/etc/default.properties file.
- Default—No value
- Property name—local.address
Calling Station Id
- Specifies whether the SAE sends the MAC address of the subscriber in the Calling-Station-Id attribute.
- Value—Send Mac address or Do not use
- Default—Do not use
- Property name—CallingStationId
Class Path for RADIUS Packet Handler
- List of URLs that identify a location from which Java classes are loaded when the plug-in is initialized. Commas separate each URL in the list.
- Value—<class path>
- Guideline—If no value is specified, the SAE loads Java classes specified in the class path for the SAE, including the /opt/UMC/sae/lib directory.
- Default—No value
- Property name —handler.classpath
Default peer
- Name of the RADIUS server to which the SAE sends accounting packets.
- Value—Name of the server as defined in the RADIUS peer configuration
- Default—No value
- Property name—defaultPeer
Error handling
- ignore—Ignores incorrect definitions and logs them for debugging purposes
- strict—Logs errors and discards the affected RADIUS packet
Failover failback timer
- Number of seconds in the range 1-2147483647 after a failover that the SAE attempts to fail back
- 0—SAE always attempts to fail back
- -1—SAE never attempts to fail back
Java Class of RADIUS Packet Handler
- Name of the Java class that implements the RadiusPacketHandler interface in the RADIUS Client Library.
- Value—<class name>
- Default—No value
- Example—net.juniper.smgt.radius.RadiusPacketHandlerImpl
- Property name —handler.class
Load Balancing Mode
- Failover—SAE sends requests to the RADIUS server configured as the default peer. If the default peer fails, the SAE uses the next server configured in the peer group. The SAE cycles through the configured RADIUS servers as needed.
- Round-robin—SAE alternates requests between all RADIUS servers configured in the peer group.
Max Queue Length
- Maximum number of unacknowledged RADIUS messages that the plug-in receives from the RADIUS server before it discards new messages.
- Value—Integer in the range 0-2147483647
- Default—10000
- Property name—local.maxWaitingQueueLength
NASIP
Require Mandatory Attributes
- Specifies whether or not a RADIUS authentication or accounting request must contain all mandatory RADIUS attributes before sending the request packet.
- Values—Yes or No
- Default—Yes
- Property name—forceMandatoryAttr
Retry interval [ms]
- Time the SAE waits for a response from a RADIUS server before it resends the RADIUS packet. The SAE keeps sending RADIUS packets until either the server acknowledges the packet or the maximum timeout is reached.
- Value—Number of milliseconds in the range 0-2147483647
- Default—3000
- Property name—local.retryInterval
Template
- Name of a template that defines sets of RADIUS attributes included in accounting messages. You define templates in the RADIUS tab of SDX Configuration Editor. See Defining RADIUS Packets for Flexible RADIUS Plug-Ins with SDX Configuration Editor.
- Value—Name of the template in the format RadiusPacket.<template name>; you can enter only one template name
- Default—RadiusPacket.sdtAcct
- Property name—RadiusPacket.<template name>
Timeout [ms]
- Maximum time the SAE waits for a response from a RADIUS server. If the RADIUS server does not respond to the request, the request fails and the SAE logs an error message.
- Value—Number of milliseconds in the range 0-9223372036854775807
- Default—10000
- Property name—local.timeout
UDP Port
- Source UDP port or a pool of ports that the plug-in uses to communicate with the RADIUS server.
- Value—You can enter a single port number, a pool of port numbers, or a list of port numbers and port ranges. If you do not specify a UDP port, the global default port is used (see Configuring UDP Ports for RADIUS Plug-Ins).
- Port number in the range 1-65535
- A range of ports in the format port-port; for example, 7000-7003
- A comma-separated list of port numbers and port ranges
Username
- Login Name—Name used for login
- Accounting ID—Value stored in the subscriber profile
- Auth User Name—Name used to authenticate a service
- Manager ID—Value of the manager ID in the service subscription; use this setting to identify subscribers to enterprise services. Manager ID is the value of modifiersName in the subscription; if modifiersName does not exist, manager ID is the value of creatorsName.