Re: Framed-Route atttribute works or not?

Dale E. Reed Jr. ( (no email) )
Wed, 17 Dec 1997 20:29:10 -0800

Kevin Brown wrote:
>
> "Provides routing information to be configured for the user on this network
> access server. The RADIUS RFC format (net/bits [router[metric]]) and the
> old style dotted mask (net mask [router[metric]]) are supported. If the
> router field is omitted or 0, the peer IP address is used. Metrics are
> currently ignored."
>
> Now, I've been trying to make more sense of what exactly this is telling
> me, and/or you, but the first thing to pop into my mind is to check IOS rev
> levels. Then discuss the RadiusNT compliance with the RFC Cisco is
> referencing. (no exact RFC date is mentioned).

Intepretation:

To route 10.0.0.0 to 11.0.0.1 you can use:

10.0.0.0 255.255.255.0 11.0.0.1 1
10.0.0.0/24 11.0.0.1 1

or you can use 0.0.0.0 for the destination to route to the assigned
PPP address:

10.0.0.0 255.255.255.0 0.0.0.0 1
10.0.0.0/24 0.0.0.0 1

Livingston supports the 0.0.0.0 as well.

> The other questionable declaration in their documentation is with regards
> to the hardware platforms on which RADIUS is 'supported.' In my
> documentation, they declare that RADIUS is supported on the Cisco 2500,
> Cisco 4000, and Cisco 7000 series routers. Does this expressly preclude
> the as5x00 series NAS?

Those are routers. I would assume the as5x00 series would have the same
support, but are not classified as routers.

> These are all questions I would like perhaps Dale to field as far as
> RadiusNT is concerned, and I am currently pending a call-back tonight from
> Cisco for further clarification and implementation. If you have additional
> questions/information you would like me to gather zap me an email directly,
> and I will work them in. Hurry though... no telling when they will call.
> It WILL be tonight. :=)

One thing you have to realize is that I am NOT an authority on all
RADIUS clients. I don't even know what half of them support. As
far as RadiusNT is concerned, we stop as the RFC. However the
client interprets/implements the RFC is going to be the other side
of the story.

For example, when you send an HTTP request from Netscape to IIS,
IIS doesn't know or care about the client besides what the HTTP
protocol warrants. If the browser can't support frames, then its
a browser issue. You can change the content to not include frames
(like in RADIUS you can change the attributes), but the web server
is typically not looking at the content (like RadiusNT doesn't
look at the attributes you confgiure for it to return).

-- Dale E. Reed Jr.  (daler@iea.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com