Monitoring, Management & Location Tracking

Integrating AirWave User Login with Steel Belted Radius (SBR)

SBR needs custom vendor attributes defined in a dictionary file (example_dictionary.dct) and assigned to a Radius Profile as a return list attribute in a user profile so it is returned to the NAS on query.

The rough steps to do this involve creating a profile that contains the desired return list attribute (Aruba-Admin-Role) and then linking that profile with the Radius manager so it's applied.

A key difference between SBR and FreeRadius is that an attribute FLAG must be included which defines if an attribute is a check-list (pre auth) or return list (post-auth) attribute. All of the aruba attributes should be return list.

Dictionary as used by SBR;

VENDOR Aruba 14823
BEGIN-VENDOR Aruba

ATTRIBUTE Aruba-User-Role 1 string r
ATTRIBUTE Aruba-User-Vlan 2 integer r
ATTRIBUTE Aruba-Priv-Admin-User 3 integer r
ATTRIBUTE Aruba-Admin-Role 4 string r
ATTRIBUTE Aruba-Essid-Name 5 string r
ATTRIBUTE Aruba-Location-Id 6 string r
ATTRIBUTE Aruba-Port-Identifier 7 string r
ATTRIBUTE Aruba-Template-User 8 string r

END-VENDOR Aruba

PLEASE NOTE: You may modify the default radius.dct and adjust the index numbers (1,2,3..etc) following the attributes to not overlap with existing default radius.dct attributes (it's generally pretty safe to start with 101 or something high up, the max range is 0..255)

Version history
Revision #:
2 of 2
Last update:
‎06-25-2014 11:52 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.