1. Open the IAS MMC snap-in.

2. Select the Remote Access Policies node in the left pane.

3. Right-click the policy that you want to modify and select Properties.

4. On the Settings tab, click Edit Profile.

5. On the Advanced tab, click Add. You will see a large list of attributes, some of which are RADIUS standards and some that are vendor-specific. First verify that the attribute you wish to add does not already exist, and then double-click the Vendor-Specific attribute listed under the RADIUS Standard vendor.

6. On the Multivalued Attribute Information screen, click Add to begin adding a new vendor-specific attribute.

7. On the Vendor-Specific Attribute Information screen, select the vendor of your NAS from the Select from List drop-down box. If the vendor is not listed, select the Enter Vendor Code radio button and manually enter the vendor code for your NAS device as supplied by the vendor or as listed in RFC 1007, "SMI Network Management Private Enterprise Codes."

8. Specify whether the attribute that you are adding conforms to the RADIUS RFC specification for vendor-specific attributes. Select either the Yes, It Conforms radio button or the No, It Does Not Conform radio button.

9. Click Configure Attribute to add the vendor-specific attribute. If you are adding an RFC-compliant attribute, you will be prompted for the following on the Configure VSA (RFC compliant) screen:

• Vendor assigned attribute number: The numeric representation of the attribute you're defining, provided by your NAS vendor

• Attribute format: This format can be String, Hexadecimal, Decimal, or InetAddr

• Attribute value: The actual value of the attribute that this policy should check for.

10. Click OK to configure the vendor-specific attribute.

11. If you have more attributes to configure or delete, click the Add or Remove button.

12. To change the order of the vendor-supplied attributes that you've configured, click Move Up or Move Down as necessary.

13. To save your changes, click OK, and then click Close.

14. Click OK twice to update the remote access policy with the new vendor-specific attribute.

Was this article helpful?

0 0

Post a comment