000022501 - How to set Primary and Secondary DNS server values in RADIUS

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022501
Applies Toascend-client-primary-dns
ascend-client-secondary-dns
Primary DNS
Secondary DNS
RADIUS Dictionary
RSA ACE/Server 5.2
Telstra Dial-IP
IssueHow to set Primary and Secondary DNS server values in RADIUS
No ascend-client-primary-dns or ascend-client-secondary-dns values configurable in RSA ACE/Server RADIUS profiles
CauseThese 2 values are commonly used by Ascend equipment; other devices such as Cisco VPN 3000 Concentrator also use them, but know the values as Primary-DNS and Secondary-DNS. These values are optional parameters when configuring an ACE/Server for connection to a Telstra Dial-IP service. For more information, see http://www.telstra.com.au/dialip/docs/radius.pdf.
ResolutionThese custom attributes need to be added to the ACE/Server. The following steps show how to do this on a Windows system; however, these steps can also be used for UNIX:

1. Update the dictionary file, for example c:\ace\data\dictionary, with the following two entries:

ATTRIBUTE       Primary-DNS      135   ipaddr
ATTRIBUTE       Secondary-DNS      136   ipaddr

2. Update the securidmapfile file, for example c:\ace\data\securidmapfile, with the following two entries:

Primary-DNS        1        0
Secondary-DNS        1        0

3. Use the RADIUS load tool to load the updated dictionary into the ACE/Server:

    cd c:\ace\prog
    loadraddb xyzzy ..\data\dictionary ..\data\securidmapfile

4. Use the ACE/Server administration menu to add the newly created attributes to your selected profiles

NOTE: If you have made previous, inaccurate attempts to set up these values, you may need to remove your previous values.

For more information, review the documentation concerning using the "removeattr" utility and the "-p" option which can be used with the "loadraddb" command.
Legacy Article IDa20591

Attachments

    Outcomes