ACS 3.3 Send Radius Attribute 135 & 136

lmslattery · ‎06-26-2007

Hi

I need an ACS box to return IETF RADIUS attributes 135 & 136 to a NAS for the assignment of DNS servers to clients.

The ACS 3.3 user guide lists these as supported IETF RADIUS Attributes however they don't seem to be available under Interface Configuration--> Radius IETF.

Would anyone know how I can enable these ?

Thanks

Leon

Premdeep Banga · ‎06-26-2007

Hi,

The NAS client (AAA Client) that you have defined on ACS, configure it as Authenticate using RADIUS(Ascend).

And then go to Interface Configuration > Radius(Ascend) and check,

[135] Ascend-Client-Primary-DNS,

[136] Ascend-Client-Secondary-DNS

then configure them under Group, and see if that works.

Regards,

Prem

Premdeep Banga · ‎06-26-2007

Hi,

You can also specify,

Radius cisco-av pair as[Radius(IOS/PIX)],

ip:dns-servers=x.x.x.x y.y.y.y

Regards,

Prem

lmslattery · ‎06-26-2007

Hi Prem

Thanks for you suggestions.

Attributes 135 & 136 don't appear under Acend either unfortunatly.

I have specified the ip:dns-servers AV Pair as you suggested and will see how that goes.

Thanks

Leon

Premdeep Banga · ‎06-26-2007

Thats strange Leon,

Because I can see it on ACS 3.3.3. See the screen shots.

Try to restart the CSAdmin service.

Regards,

Prem

lmslattery · ‎06-26-2007

Hi Prem

I see what you mean from the Screenshot.

I definatly don't have half the attributes listed that you have.

I'm workinh with an ACS Solution engine appliance if that makes any difference ?

I have restarted it's services.

Regards

Leon

Premdeep Banga · ‎06-26-2007

Hi Leon,

That is quite strange. You should have those attributes.

As you mentioned you have ACS SE, if you could console into it. Issue command,

stop csadmin

start csadmin

Or rebooting ACS SE will re-start the CSAdmin server.

If you are restarting services from, System Configuration > Service Control, then that wont restart the CSAdmin service.

Give that a try.

Regards,

Prem