Dell Powerconnect W-ClearPass Hardware Appliances W-ClearPass Policy Manager 6 - Page 223
RADIUS CoA Enforcement Profiles, Table 117
View all Dell Powerconnect W-ClearPass Hardware Appliances manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 223 highlights
Table 117: RADIUS Enforcement Profile (Attributes tab) Enforcement Profile Template Description A- VLAN Enforcement Enforcement profile template to set IETF RADIUS standard VLAN attributes. B-Filter ID Based Enforcement Enforcement profile template to set IETF RADIUS standard filter ID attribute. C-Cisco Downloadable ACL Enforcement Enforcement profile template for Cisco IOS downloadable ACLs. D-Cisco Web Authentication Enforcement Enforcement profile template to set Cisco Web Authentication ACLs. E-(Generic) RADIUS-Based Authentication Type is any RADIUS vendor dictionary that is pre-packaged with Policy Manager, or imported by the Administrator. This field is prepopulated with the dictionary names. Name is the name of the attribute from the dictionary selected in the Type field. The attribute names are prepopulated from the dictionary. Value is the value of the attribute. If the value has prepopulated values is the dictionary, these appear in a drop-down list. Otherwise, you can enter freeform text. An Enforcement Profile can also contain dynamic values (as received in the request or authentication handshake, or as derived by the Policy Manager policy system). For example, to set the name of the VLAN to the name of the role, enter %{Tips:Role} as the value for RADIUS:IETF:Tunnel-Private-Group-Id. These dynamic values must be entered in the following format, without any spaces: %{namespace:attribute-name}. For convenience, the value field also has a drop down that contains all the authorization attributes. You can use these directly to assign dynamic values in the profile. Refer to figure above. RADIUS CoA Enforcement Profiles The RADIUS CoA tab contains a template type and the actions associated with that template type. The RADIUS CoA Enforcement Profile tab loads the CoA template attributes supported a specific template. Interface Description Select RADIUS CoA Template The supported template types are: l Cisco - Disable-Host-Port l Cisco - Bounce-Host-Port l Cisco - Reauthenticate-Session l HP - Change-VLAN l HP - Generic-CoA Attributes The RADIUS (standard and vendor-specific) shown here are base on the CoA Template selected from the drop down. Fill in values for all entries marked "Enter value here". The other pre-filled attributes must not be deleted, since the device requires these to be present. Dell Networking W-ClearPass Policy Manager 6.0 | User Guide 223