Name
ARAP-Zone-Access
Synopsis
Attribute Number |
72 |
Length |
6 |
Value |
INTEGER |
Allowed in |
Access-Accept |
Prohibited in |
Accounting-Request, Access-Request, Access-Reject, Access-Challenge, Accounting-Response |
Presence in Packet |
Not required |
Maximum Iterations |
1 |
This attribute, found in Access-Accept
packets
with the Framed-Protocol
attribute set to ARAP,
indicates how the ARAP zone list for the user should be interpreted.
The value field is an integer that can be one of three values. The
integer 1
signifies that the user should only be
allowed access to the default zone. The integer 2
indicates that the zone filter should be used inclusively—that
is, the user should be allowed to access only the zones listed in his
filter. The integer 4
specifies that the zone
filter should be used exclusively—meaning the user should be
allowed to access all zones except those listed in his filter.
The Filter-ID
attribute must also be present if
this attribute’s value is set to
2
or 4
in order to name the
zone list filter to which the access flag
should be applied.
Get RADIUS now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.