000026434 - Radius Vendor Specific Attribute's for Brocade.

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000026434
Applies ToDefine VSA's for Management on Brocade switches
Authentication Manager 6.1.2 and should apply to AM 7.1
IssueThere are no Brocade dictionaries on SBR for AM 6.1 and 7.1
Resolution

To create a new dictionary for Brocade, go to C:\Program Files\RSA Security\RSA Radius\Service and create file name brocade.dct and add the following:
################################################################################
# brocade.dct - Brocade Dictionary
#
# (See README.DCT for more details on the format of this file)
################################################################################
#
# Use the Radius specification attributes
#
@radius.dct


MACRO BROCADE-VSA(t,s) 26 [vid=1588 type1=%t% len1=+2 data=%s%]


ATTRIBUTE Brocade-Auth-Role BROCADE-VSA(1,string) R


ATTRIBUTE Brocade-AVPairs1 Brocade-VSA(2,string) r


ATTRIBUTE Brocade-AVPairs2 Brocade-VSA(3,string) r


ATTRIBUTE Brocade-AVPairs3 Brocade-VSA(4,string) r


ATTRIBUTE Brocade-AVPairs4 Brocade-VSA(5,string) r


################################################################################
# brocade.dct - Brocade Dictionary
################################################################################


next edit the vendor.ini file and add the following:  vendor-product         = Brocade  
                                                                       dictionary                = Brocade
                                                                       send-class-attribute =  no
Put it between Bluesocket and Cabletron

 In the dictiona.dcm file, add @brocade.dct This must be in alphabetical order. Put it between bluesocket and chantry


Finally stop and restart Radius
NotesYou should be able to select Make/Model Brocade in the Radius client config.
When you add attributes you should see  Brocade-Auth-Role. Value is a string, the Brocade docs show The valid
roles include Root, Factory, Admin, SwitchAdmin, and User.

IF you are testing with NTRADPING and wish to see the Brocade return attributes in NTRADPING decode window,


you need to make certain edits to raddict.dat file which NTRADPING uses. Here are Brocade specific edits to add to theraddict.dat file:


 


Vendor section, add this


VENDOR Brocade 1588 ietf


 


Vendor Specific Attributes Section, add this


# Brocade


ATTRIBUTE Brocade-Auth-Role 1 string Brocade


ATTRIBUTE Brocade-AVPairs1 2 string Brocade


ATTRIBUTE Brocade-AVPairs2 3 string Brocade


ATTRIBUTE Brocade-AVPairs3 4 string Brocade


ATTRIBUTE Brocade-AVPairs4 5 string Brocade

Legacy Article IDa42355

Attachments

    Outcomes