Tunneling Protocols
With the advent of work-from-home strategies and the branch-office concept becoming ever more popular, the dependence on access to corporate networks and privatized ISPs has become stronger. There exists a way to use a sort of tunnel to log in to corporate network over the Internet and access that network’s resources as though you were locally attached to it. Although discussing tunnels is beyond the scope of this book, RADIUS does support a variety of tunneling protocols, both voluntary and compulsory. New RADIUS attributes were introduced with RFC 2868 that provide support for this emerging technology.
As well, private ISPs and even some corporate IT data centers want to
be able to account for the use of their service for accounting,
billing, and auditing purposes. RADIUS accounting, of course
supporting the AAA model as discussed in Chapter 1, is an obvious way to collect this data,
especially with the new tunneling-support attributes, some
modifications to the Acct-Status-Type
attribute,
and some entirely new attributes specifically focused at RADIUS
accounting.
The new values for the Acct-Status-Type
attribute
are listed in Table 9-1.
Value |
Name |
Description |
Also requires |
9 |
Tunnel-Start |
Marks the creation of a tunnel with another end point. |
User-Name, NAS-IP-Address, Acct-Delay-Time, Event-Timestamp, Tunnel-Type, Tunnel-Medium-Type, Tunnel-Client-Endpoint, Tunnel-Server-Endpoint, Acct-Tunnel-Connection ... |
Get RADIUS now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.