Name

ARAP-Zone-Access

Synopsis

Attribute Number

72

Length

6

Value

INTEGER

Allowed in

Access-Accept

Prohibited in

Accounting-Request, Access-Request, Access-Reject, Access-Challenge, Accounting-Response

Presence in Packet

Not required

Maximum Iterations

1

This attribute, found in Access-Accept packets with the Framed-Protocol attribute set to ARAP, indicates how the ARAP zone list for the user should be interpreted.

The value field is an integer that can be one of three values. The integer 1 signifies that the user should only be allowed access to the default zone. The integer 2 indicates that the zone filter should be used inclusively—that is, the user should be allowed to access only the zones listed in his filter. The integer 4 specifies that the zone filter should be used exclusively—meaning the user should be allowed to access all zones except those listed in his filter.

The Filter-ID attribute must also be present if this attribute’s value is set to 2 or 4 in order to name the zone list filter to which the access flag should be applied.

Get RADIUS now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.