The servtype.ini file configures service type mapping in Steel-Belted Radius Carrier. Service type mapping allows a single user to have multiple authorization attribute sets based on the service type the user is requesting. The service type is determined based on request attributes using rules that may differ depending on the network access server.
Using static configuration parameters in the servtype.ini file, you can specify, on a device-by-device basis, a mapping of request attributes and values to service type strings. These strings can be attached to the username as a prefix or as a suffix. The elaborated username is used for both authentication and authorization, and for allowing different authorizations based on service type requested.
Refer to the SBR Carrier Administration and Configuration Guide for information about how to configure and use service type mapping.
The [Settings] section (Table 36) of servtype.ini controls how the service type string is attached to the username before performing a lookup in the Native User database.
If Prefix and Suffix are both set to 0 in the [Settings] section, service type mapping is disabled.
Table 36: servtype.ini [Settings] Syntax
Specifies whether the service type string is prefixed to the username before performing a lookup in the Native User database.
Default value is 0.
Specifies whether the service type string is suffixed to the username before performing a lookup in the Native User database.
Default value is 0.
Mapping name that is used when an Access-Request message is received from a network access server not listed in the [NAS] section of servtype.ini.
If you do not configure a Default setting and the server cannot determine the mapping in any other way, the server ignores the service type and authenticates the user without it.
The [NAS] section of the servtype.ini file lets you map network access devices to [Mapping] sections. The syntax for [NAS] is:
Each NASname entry in the [NAS] section must match the name of a RADIUS client entry in the Steel-Belted Radius Carrier database. When an Access-Request is received, its NAS-IP-Address attribute is matched to a RADIUS client entry in the database. If a match can be found and the RADIUS client name matches a NASname in the [NAS] section, Steel-Belted Radius Carrier looks for a corresponding mapping section in the servtype.ini file.
Each [MappingName] section of the servtype.ini file identifies the strings to be added to the username for lookups in the Native User database, which allows Steel-Belted Radius Carrier to retrieve the appropriate return list, and specifies the rules an incoming Access-Request packet must meet before Steel-Belted Radius Carrier returns an Access-Accept message. The name of each [MappingName] section must match a mappingName entry in the [NAS] section.
The syntax for each [MappingName] section is:
ServiceTypeString is a string added to the username.
Each rule is a statement about an attribute that must be present in the incoming Access-Request packet. Each rule must be indented with a tab character, followed by a RADIUSattribute = value string, followed by a carriage return. Every component of the rule is optional, so there are many syntax variations.
If a rule includes a RADIUSattribute field, this field must identify a standard or vendor-specific RADIUS attribute that is known to the server. If a rule provides an optional value field, this field must name a valid possible value for that attribute.
If the RADIUSattribute field for a rule is preceded by a tilde (~), then the specified RADIUSattribute, if present in the Access-Request packet, must have a value other than value for the rule to be true. If the RADIUSattribute is not present in the Access-Request packet, or if it is present and has the value specified, the rule is false and authorization fails.
[Settings] Prefix=1 Suffix=0 Default=defaultmap [NAS] nas1=nas1map nas2=nas2map [nas1map] ppp: Framed-Protocol=1 Service-Type=2 vpn: Framed-Protocol=6 ~Service-Type=2 other: Framed-Protocol Service-Type [nas2map] analog: NAS-Port-Type=1 isdn: NAS-Port-Type=2 [defaultmap] ppp: