TechLibrary

[+] Expand All

[-] Collapse All

SRC 4.11.x Subscribers and Subscriptions Guide
- Copyright and Trademark Information
- Table of Contents
- List of Figures
- List of Tables
- About the Documentation
- Managing Subscribers and Subscriptions
  - Overview of Subscribers and Subscriptions on a C Series Controller
    - Subscribers Overview
    - Subscriptions Overview
    - Enterprise Subscriber and Subscription Hierarchy
      - Enterprise Subscription Hierarchy
    - Managers Overview
  - Subscriber Logins and Service Activation
    - Login Events and Processes for the SRC Software
    - Residential Subscriber Login and Processes
    - PPP Subscriber Login and Service Activation
    - DHCP Subscriber Login and Service Activation
    - Static IP Subscribers
      - Single PC, IP Address Known
      - Subscriber IP Address Not Known
    - Enterprise Subscriber Login Process
      - Interface Startup
    - Subscriptions and Activations
      - Subscription Activation Interactions
      - Subscription Deactivation Interactions
    - Automatic Activation at Login
      - Enterprise-Specific Remote Session Activation
  - Configuring Subscriber-Related Properties on the SAE (SRC CLI)
  - Classifying Interfaces and Subscribers (SRC CLI)
  - Overview of Plug-Ins Included with the SAE
    - How Internal Plug-Ins Work
      - Plug-In Pool
      - Event Publishers
    - Types of Internal Plug-Ins
    - Assigning DHCP Addresses to Subscribers
    - Creating and Tracking Subscriber Sessions
    - Activating and Tracking Service Sessions
  - Configuring Internal, External, and Synchronization Plug-Ins (SRC CLI)
  - Configuring Accounting and Authentication Plug-Ins (SRC CLI)
    - Creating RADIUS Peers (SRC CLI)
    - Types of Tracking Plug-Ins
      - RADIUS Accounting
    - Configuring Tracking Plug-Ins (SRC CLI)
    - Log Rotation Overview
    - Configuring Log Rotation (SRC CLI)
      - Configuring the FTP Server for Log Rotation (SRC CLI)
      - Configuring the Upload Client for Log Rotation (SRC CLI)
    - Types of Authentication Plug-Ins
    - Configuring Authentication Plug-Ins (SRC CLI)
    - Configuring UDP Ports for RADIUS Plug-Ins (SRC CLI)
    - Defining RADIUS Packets for Flexible RADIUS Plug-Ins
      - Flexible RADIUS Plug-Ins Overview
        Using Default RADIUS Templates
        Naming RADIUS Attribute Instances
        Defining RADIUS Attributes
        Standard RADIUS Attributes
        Juniper Networks VSAs
      - Defining the Values of RADIUS Attributes
      - Configuring a RADIUS Packet Template (SRC CLI)
      - Using Flexible RADIUS Packet Definitions
        Setting Values in Authentication Response Packets
        Selecting IP Address Pools Using DHCP Response Packets
    - Configuring Event Publishers
      - Special Types of Event Publishers
        Configuring Service-Specific Event Publishers
        Configuring Retailer-Specific Event Publishers
        Configuring Virtual Router–Specific Event Publishers
      - Configuring Global and Default Retailer Event Publishers (SRC CLI)
  - Configuring Subscribers and Subscriptions (SRC CLI)
- Redirecting Subscriber Traffic Through Redirect Server
  - Redirecting Subscriber Traffic
    - Traffic Redirection Overview
    - Redirect Server Redundancy
  - Configuring Traffic Redirection (SRC CLI)
- Integrating Junos OS VPNs into an SRC Configuration
  - Adding VPNs from Devices Running Junos OS (SRC CLI)

Download This Guide

Download this guide: SRC 4.11.x Subscribers and Subscriptions Guide

Defining the Values of RADIUS Attributes

The values of RADIUS attributes can be a standard value (see Table 13) or an expression. Expressions are evaluated with Python. For example: lowWord(inOctets) extracts the lower 32 bits of the 64-bit inOctets counter. You can define multiple values for an expression in a comma-separated list.

Table 13: Standard Values for RADIUS Attributes

Value	Type of Plug-In	Comments
accountingId	User and service tracking
authUserId	Service tracking
Chargeable-User-Identity	User authorization and service accounting	This attribute must be configured in the RADIUS Access-Request packet with an empty value. The RADIUS server sends a unique value with the RADIUS Access-Response packet. This attribute value in the RADIUS Accounting-Request packet is used for service accounting.
dhcp	User and service tracking	Provides access to the DHCP packet. See Sending DHCP Options to the JunosE Router for details.
domain	Authorization
eventTime	User and service tracking	Seconds since 1970-01-01T00:00Z
ifRadiusClass	User and service tracking
ifSessionId	User and service tracking
inOctets	Service tracking	64-bit counter
inPackets	Service tracking
interfaceAlias	User and service tracking
interfaceDescr	User and service tracking
interfaceName	User and service tracking
ipv6InOctets	Service tracking	64-bit counter
ipv6InPackets	Service tracking
ipv6OutOctets	Service tracking	64-bit counter
ipv6OutPackets	Service tracking
localNasId	All	Configured NAS-ID
localNasIp	All	Configured NAS-IP
loginId	User and service authorization	ID provided by the subscriber; the loginId value is not separated into UID and domain name.
loginName	User and service tracking	Name that the subscriber uses to log in to the portal
nasIp	User and service tracking	NAS IP address of the router
nasPort	User and service tracking	32-bit integer
outOctets	Service tracking	64-bit counter
outPackets	Service tracking
password	User and service authorization
portId	User and service tracking	ID of the port on the JunosE router—for example, FastEthernet 3/1:2001
primaryUserName	User and service tracking	Name that the subscriber uses for DHCP/PPP authentication
radiusClass	User tracking, user and service authorization	For service tracking, this value is taken from the RADIUS Access-Accept response. If the response does not contain a value, the RADIUS class defined in the service definition is used. This attribute can be set by an authorization response.
replyMessage	User and service authorization	This attribute can only be set.
routerName	User and service tracking
serviceBundle	User tracking and authorization	This attribute can be set by an authorization response.
serviceName	Service tracking	Sets an arbitrary attribute (for example, class) to the name of the service
serviceSessionName	Service tracking	Named service session; empty for default session
serviceSessionTag	Service tracking
sessionId	User and service tracking
sessionTime	User and service tracking
sessionTimeout	User tracking, user and service authorization	This attribute can be set by an authorization response.
sessionVolumeQuota	User authorization	This attribute can only be set. It is sent to session tracking events and can be returned by service authorization events. It can be set and retrieved through the portal API and can also be defined through an LDAP attribute in the service definition. If the attribute is defined multiple times, the following precedence is observed: Service definition (lowest) Authorization API call (highest) NOTE: The SAE does not enforce a volume quota directly; it only makes the attribute available to an external application that can control the volume quota.
setAcctInterimTime	User authorization	Integer
setAuthVirtualRouterName	DHCP authorization	Text
setIdleTimeout(ATTR)	User authorization
setLoadServices(ATTR)	User authorization	This attribute can only be set.
setPoolName	DHCP authorization	Text
setRadiusClass(ATTR)	User and service authorization
setReplyMessage(ATTR)	User and service authorization
setSessionTimeout(ATTR)	User and service authorization
setServiceBundle(ATTR)	User authorization
setSessionVolumeQuota(ATTR)	User authorization
setSubstitution	User authorization	Text. Substitutions can be set only for service sessions.
setTerminateTime	User authorization	Text
setUserIpAddress	DHCP authorization	Integer
sspHost	User and service tracking
terminateCause	User and service tracking
uid	User and service authorization
userDn	User and service tracking
userIpAddress	User and service tracking
userMacAddress	User and service tracking
userRadiusClass	Service tracking	RADIUS class of the associated subscriber session
userSessionId	Service tracking	RADIUS session ID of the associated subscriber session

TechLibrary

Download This Guide

Related Documentation

Defining the Values of RADIUS Attributes

Related Documentation

Modified: 2017-08-03