Cisco Systems 3130 User Manual

You can view the AV pairs that are being sent by the switch by entering the debug radius accounting 
privileged EXEC command. For more information about this command, see the Cisco IOS Debug 
Command Reference, Release 12.2 at this URL:

For more information about AV pairs, see RFC 3580, “IEEE 802.1X Remote Authentication Dial In User 
Service (RADIUS) Usage Guidelines.”

The switch supports IEEE 802.1x authentication with VLAN assignment. After successful IEEE 802.1x 
authentication of a port, the RADIUS server sends the VLAN assignment to configure the switch port. 
The RADIUS server database maintains the username-to-VLAN mappings, assigning the VLAN based 
on the username of the client connected to the switch port. You can use this feature to limit network 
access for certain users. 

Attribute[8]

Framed-IP-Address

Never

Sometimes

1

Sometimes

1

Attribute[25]

Class

Always

Always

Always

Attribute[30]

Called-Station-ID

Always

Always

Always

Attribute[31] Calling-Station-ID

Always

Always

Always

Attribute[40]

Acct-Status-Type

Always

Always

Always

Attribute[41]

Acct-Delay-Time

Always

Always

Always

Attribute[42]

Acct-Input-Octets

Never

Never

Always

Attribute[43] Acct-Output-Octets

Never

Never

Always

Attribute[44]

Acct-Session-ID

Always

Always

Always

Attribute[45] Acct-Authentic

Always

Always

Always

Attribute[46]

Acct-Session-Time

Never

Never

Always

Attribute[49] Acct-Terminate-Cause

Never

Never

Always

Attribute[61]

NAS-Port-Type

Always

Always

Always

1.

The Framed-IP-Address AV pair is sent only if a valid Dynamic Host Control Protocol (DHCP) binding 
exists for the host in the DHCP snooping bindings table.