000025689 - How to suppress the class attribute from RSA RADIUS (SBR2CL)

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025689
Applies ToRSA RADIUS Server 6.1 Powered by Funk Steel-Belted RADIUS
RSA RADIUS 7.1
Class attribute
IssueHow to suppress class sttribute from RSA RADIUS (SBR2CL)
Problems with default Steel-Belted RADIUS Class attribute after upgrading to RSA Authentication Manager 6.1
NAS devices receive a Class=SBR2CL\0xbc\0xb1\0xf90x95\0xe4\0xec\0xcd\0xa8\ when profiles return a Class attribute
CauseBy default, Funk Steel Belted Radius sends the Funk class attribute to the NAS device if the profile contains the attribute Class
ResolutionTo correct this issue, locate the vendor.ini file in the /rsa/radius/ directory for UNIX or in the C:\Program Files\RSA Security\RSA Radius\Service\ directory for Microsoft Windows. Edit the vendor.ini file and locate the entries for the NAS vendor that corresponds to your RADIUS profile. In this example, we will look at the lines for standard RADIUS:
vendor-product          = - Standard Radius -
dictionary                   = Radius
ignore-ports               = no
help-id                        = 2000
Change it to read as follows:
vendor-product          = - Standard Radius -
dictionary                   = Radius
ignore-ports               = no
help-id                        = 2000
send-class-attribute   = no
Then restart RADIUS for this change to take effect.
Legacy Article IDa29959

Attachments

    Outcomes