Configuring the Attribute Handling Parameters
This section describes how to configure the attribute handling parameters required for this example.
As discussed in Requirements of the CoA/DM Requests, this example requires a binary Calling-Station-Id (the Calling-Station-Id RADIUS AVP may contain nulls). The ConvertCallingStationId parameter in the radius.ini file enables the conversion of the Calling-Station-Id to hexadecimal form when it is received, even though it is marked and processed as an attribute of type string. To enable this feature, set the following configuration in the radius.ini file:
When enabled, this causes the Calling-Station-Id always to internally contain the hexadecimal representation of the received bytes, instead of those bytes directly. By using this feature, all existing SBR Carrier functionality that normally requires Calling-Station-Id as a human-readable string can still be used.
In this application, the inner username needs to be included in the CST in order to identify active sessions. In addition, because network access devices (RADIUS clients) only identify users by their outer identity, the outer username also needs to be included in the CST, so that it can be included in the CoA/DM requests. To make sure both the outer and inner usernames are available in the Accounting-Request, you need to tunnel the inner username through the class attribute. This is common for many scenarios. However, you also need to preserve the outer username presented in the Accounting-Requests, so that it can also be written to the CST.
You accomplish this by changing classmap.ini file to copy the username in Accounting-Requests to the VSA Funk-Outer-User-Name before replacing it with the value tunneled inside the class attribute. Include the following in the classmap.ini file:
To test this portion of the configuration, add the Funk-Outer-User-Name attribute to the [Attributes] section of the account.ini file. If an Accounting-Request is received that includes this attribute, it is logged in the accounting log file. If the Funk-Outer-User-Name attribute does not appear in the accounting log file, you may need to add it to the radius.dct dictionary file. This attribute is included by default in the radius.dct file, so normally you do not need to add it.