Cisco Systems 3.3 Manual De Usuario

The first attribute in the Cisco IOS/PIX RADIUS implementation, cisco-av-pair, 
supports the inclusion of many AV pairs, using the following format:

where attribute and value are an AV pair supported by the releases of IOS 
implemented on your AAA clients, and sep is “=” for mandatory attributes and 
“*” for optional attributes. This allows the full set of TACACS+ authorization 
features to be used for RADIUS.

The attribute name in an AV pair is case sensitive. Typically, attribute names are 
all in lowercase letters.

The following is an example of two AV pairs included in a single Cisco IOS/PIX 
RADIUS cisco-av-pair attribute:

ip:addr-pool=first

shell:priv-lvl=15

The first example causes the Cisco multiple named IP address pools feature to be 
activated during IP authorization (during PPP IPCP address assignment). The 
second example causes a user of a device-hosted administrative session to have 
immediate access to EXEC commands.

250

cisco-ssg-account-info

String (maximum length 
247 characters)

Outbound

No

251

cisco-ssg-service-info

String (maximum length 
247 characters)

Both

No

253

cisco-ssg-control-info

String (maximum length 
247 characters)

Both

No