Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000025689 - How to suppress the class attribute from RSA RADIUS for RSA Authentication Manager 8.x

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support on Aug 30, 2019

Version 3Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000025689
Applies To	RSA Product Set: SecurID RSA Product/Service Type: Authentication Manager RSA Version/Condition: 8.x
Issue	This article explains how to: Suppress class attribute from the RSA RADIUS response. Address problems with the default Steel-Belted RADIUS class attribute. Resolve when NAS devices receive a Class=SBR2CL\0xbc\0xb1\0xf90x95\0xe4\0xec\0xcd\0xa8\ when profiles return a Class attribute.
Cause	By default, Funk Steel Belted RADIUSsends the Funk class attribute to the NAS device if the profile contains the attribute class
Resolution	To correct this issue, Locate the vendor.ini in the Operations Console (Deployment Configurations > RADIUS Servers > Manage Server Files > vendor.ini) Click the context arrow next to the vendor.ini and select Edit. Locate the entries for the NAS vendor that corresponds to your RADIUS profile. In this example, we will look at the lines for standard RADIUS: vendor-product = - Standard Radius - dictionary = Radius ignore-ports = no help-id = 2000 Change it to add the text send-class-attribute = no, as follows: vendor-product = - Standard Radius - dictionary = Radius ignore-ports = no help-id = 2000 send-class-attribute = no When done, click Save & Restart RADIUS Server. This restart allows the debug changes to take effect.
Legacy Article ID	a29959

Attachments

Outcomes

0 Comments

Recommended Content