Cisco Cisco IOS Software Release 12.2(1)DX
RADIUS Attribute Screening
Glossary
16
Cisco IOS Release 12.2(1)DX
Glossary
AAA—authentication, authorization, and accounting. Suite of network security services that provide the
primary framework through which access control can be set up on your Cisco router or access server.
primary framework through which access control can be set up on your Cisco router or access server.
attribute—RADIUS Internet Engineering Task Force (IETF) attributes are the original set of 255
standard attributes that are used to communicate AAA information between a client and a server.
Because IETF attributes are standard, the attribute data is predefined and well known; thus all clients
and servers who exchange AAA information via IETF attributes must agree on attribute data such as the
exact meaning of the attributes and the general bounds of the values for each attribute.
standard attributes that are used to communicate AAA information between a client and a server.
Because IETF attributes are standard, the attribute data is predefined and well known; thus all clients
and servers who exchange AAA information via IETF attributes must agree on attribute data such as the
exact meaning of the attributes and the general bounds of the values for each attribute.
NAS—network access server. A Cisco platform (or collection of platforms, such as an AccessPath
system) that interfaces between the packet world (for example, the Internet) and the circuit world (for
example, the Public Switched Telephone Network).
system) that interfaces between the packet world (for example, the Internet) and the circuit world (for
example, the Public Switched Telephone Network).
RADIUS—Remote Authentication Dial-In User Service. RADIUS is a distributed client/server system
that secures networks against unauthorized access. In the Cisco implementation, RADIUS clients run on
Cisco routers and send authentication requests to a central RADIUS server that contains all user
authentication and network service access information.
that secures networks against unauthorized access. In the Cisco implementation, RADIUS clients run on
Cisco routers and send authentication requests to a central RADIUS server that contains all user
authentication and network service access information.
VSA—vendor-specific attribute. VSAs are derived from one IETF attribute—vendor-specific
(attribute 26). Attribute 26 allows a vendor to create and implement an additional 255 attributes. That is,
a vendor can create an attribute that does not match the data of any IETF attribute and encapsulate it
behind attribute 26: essentially, Vendor-Specific ="protocol:attribute=value".
(attribute 26). Attribute 26 allows a vendor to create and implement an additional 255 attributes. That is,
a vendor can create an attribute that does not match the data of any IETF attribute and encapsulate it
behind attribute 26: essentially, Vendor-Specific ="protocol:attribute=value".