Cisco Access Registrar User Guide - Index [Cisco Access Registrar]

Table Of Contents

A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

A

AAAFileServiceSyncInterval 4-43

AcceptAll 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22

Accepted-Profiles B-1

Access-Challenge 1-11

Access Registrar

backups 21-1

definition 1-1

dictionaries 9-1

internal database 21-1

objects 1-1, 4-3

server 4-2

Access-Reject B-8

Access-Request 5-2, 5-7

Accounting 7-1

attributes 1-13

database 1-1

definition 1-1

log file 4-11

MaxFileAge 7-2

MaxFileAge format 7-4

MaxFileSize 7-2

MaxFileSize format 7-3

RolloverSchedule 7-2

setting up 7-1

Start 7-1

Stop 7-1

Accounting log 3-22

Accounting records 14-10

Accounting-Service B-2

ACKaccounting 4-41

Acquire-Dynamic-DNS B-2

Acquire-Home-Agent B-2

Add Administrator page 3-6

Adding administrators 3-6

Adding AV pairs 3-16

Adding clients 3-8

Adding profiles 3-11

Adding users 3-15

addProfile method A-2

Administrator properties 3-6

AdvancedDuplicateDetectionMemoryInterval 4-44, 4-46

AltigaOutgoingScript 9-7

ANAAAOutgoing 9-7

APPEND A-2, A-5, A-7, A-8

aregcmd

Access Registrar command 2-1

command performance 2-3

commands 2-4

add 2-4

cd 2-4

delete 2-5

exit 2-5

filter 2-5

find 2-5

help 2-6

insert 2-6

login 2-6

logout 2-6

ls 2-7

next 2-7

prev 2-7

pwd 2-8

query-sessions 2-8

quit 2-8

release-sessions 2-8

reload 2-9

save 2-9

set 2-10

start 2-11

stats 2-11

status 2-12

stop 2-12

trace 2-13

unset 2-14

validate 2-14

definition 2-1

error codes 2-16

save 6-3

session management commands 4-23

syntax 2-1

aregcmd CLI log 3-23

ARIsCaseInsensitive 4-44

AscendIncomingScript 9-7

AscendOutgoingScript 9-7

Attribute Dictionary 1-13, 4-49, A-1

methods A-1

put method A-2

Attributes 4-31, C-1

alphabetical list C-2

check item 15-21

numeric list C-5

AttributesToBeCached 12-5

AUGMENT A-2, A-5, A-7, A-8

Authentication-Service 1-6

Authorization

definition 1-1

Authorization-Service 1-6

B

BackingStore-Env-Vars B-3

Backups 21-1

BaseProfile 3-16, 4-4, 4-5

BindName 4-36

BindPassword 4-36

Broadcast-Accounting-Packet B-4

C

CabletronOutgoing 9-8

Cache-Attributes-In-Session B-4

Callback-Number 1-13

callsPerSecond 5-10

Case insensitive commands

see also aregcmd

cd command 2-1

CertificateDBPath 4-43

change directory command

see also aregcmd

Change of Authorization (CoA) 15-27

CHAP

Access Request packet 5-2

CHAP_ PASSWORD

attribute type 4-50

Check item attributes 15-21

CiscoIncoming 9-8

CiscoOutgoing 9-8

Cisco Subscriber Edge Services Manager 13-1

CiscoWithODAPIncomingScript 9-8, 11-1, 11-3

clear method A-2

Client/server model 1-11

Client-Behind-the-Proxy 9-2

Client properties 3-8

Clients

adding 3-8

IPAddress 3-9, 4-6

list 4-46

required attributes 3-8

vendor properties 3-9, 4-6

CoA requests 15-27

Commands

eap-trace 8-23

tunnel 8-23

ConfigurationError reply message 4-49

Configuration Objects 2-3

Configure page 3-4

Configuring

check item attributes 15-22

LDAP RemoteServer 18-2

local service 6-2

ODBC RemoteServer 19-3

Configuring clients 3-7

Configuring CoA requests 15-27

Configuring profiles 3-10

Configuring rules 16-2

containsKey method A-2

CRB-Prepaid billing

with SSG 14-14

D

Database

Access Registrar backups 21-1

MCD 6-3

DefaultAccountingService 4-3

DefaultAuthenticationService 1-3, 4-2

DefaultAuthorizationService 4-3

DefaultReturnedSubnetSizeIfNoMatch 4-44

DefaultSessionManager 4-3

DefaultSessionService 4-3

Destination-IP-Address B-4

Destination-port B-4

Dictionaries

Types of 9-1

Dictionary

attribute 4-45

Disable-Accounting-On-Off-Broadcast B-4

DNSLookupAndLDAPRebindInterval 18-5

DropPacket. 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22

Dynamic-DNS-HostName B-4

Dynamic-Search-Filter B-4

E

EAP 4-10, 8-1

authentication mechanism 8-1

fatal error packet handling 4-47

SilentDiscard 4-47

EAP-Actual-Identity B-5

EAP authentication 8-1

EAP-Authentication-Mode B-5

EapBadMessagePolicy 4-47

EAP-GTC 8-11, 8-12

EAP-LEAP 8-13

EAP-MD5 8-14

EAP-MSChapv2 8-16

EAP-Negotiate 8-15, 8-16

EAP response messages 4-47

EAP-SIM 8-20

EAP-SIM authentication 8-20

eap-trace command 8-23

EAP-Transport Level Security 8-18

Easysoft Open Source 19-6

Editting

users 3-16

Editting administrators 3-6

Editting clients 3-10

Editting profiles 3-13

Empty string 2-1

EntryPoint 4-22

ENUM

attribute type 4-50

Environment Dictionary 1-3, 1-6, 9-1, 9-3

Environment Dictionary script 9-4

Environment variable

Accounting-Service B-2

Acquire-Group-Session-Limit B-2

Acquire-IP-Dynamic B-2

Acquire-IP-Per-NAS-Port B-2

Acquire-IPX-Dynamic B-2

Acquire-Subnet-Dynamic B-3

Acquire-User-Session-Limit B-3

Acquire-USR-VPN B-3

Allow-Null-Password B-3

Authentication-Service B-3

Authorization-Service B-3

Current-Group-Count B-4

Dynamic-Search-Path B-5

Group-Session-Limit B-5

Ignore-Accounting-Signature B-5

Incoming-Translation-Groups B-5

Misc-Log-Msg-Info B-5

Reject-Reason B-6

Remote-Server B-6

Request-Authenticator B-6

Request-Type B-7

Require-User-To-Be-In-Authorization-List B-7

Response-Type B-8

Session-Key B-8

Session-Manager B-8

Session-Service B-8

Source-IP-Address B-9

Trace-Level B-9

Unavailable-Resource B-9

Unavailable-Resource-Type B-9

User Authorization-Script B-10

User-Group B-10

User-Group-Session-Limit B-10

User-Name B-10

User-Profile B-10

User-Session-Limit B-10

Error codes

aregcmd 2-16

ExecCLIDRule 16-15

ExecDNISRule 16-15

ExecNASIPRule 16-15

ExecRealmRule 16-14

ExecTimeRule 16-11, 16-17

Extensible Authentiction Protocols 8-1

Extension points 9-2

F

Failover policy 4-14, 4-15, 4-16, 8-21

Fatal error packet 4-47

Filename 4-22

FilenamePrefix 4-11, 4-14

file service 4-8, 4-11

FilenamePrefix 4-11, 4-14

MaxFileAge 4-11, 4-15

MaxFileSize 4-11, 4-14

Filter 4-37

firstKey method A-2

Framed-IP-Address 1-13

Framed Protocol 1-13

FramedRouting 4-30

G

Gateway

Description 4-27

IPAddress 4-27

LocationID 4-27

Name 4-27

SharedSecret 4-27

TunnelRefresh 4-27

Gateways 4-30

get method A-2

Grouping property 16-1

Group service 14-5, 14-11, 14-13

Group-Session-Limit Resource Manager 1-3, 4-26

GUI

administrators page 3-5

configure page 3-4

launching 3-1

logging in 3-3

log out 3-4

overview page 3-4

top-level 3-4

H

HiddenAttributes 4-4

HostName 4-36

Hot configuration 10-5

Hot-lining 15-27

I

Identifier 4-30

IncomingScript 1-5, 3-9, 4-2, 4-6, 4-7, 4-41

IncomingScriptFailed reply message 4-49

IncomingScript RejectedRequest reply message 4-49

Incoming scripts 1-2, 1-12

InitEntryPoint 4-8, 4-22

InitEntryPointArgs 4-22

InitialBackgroundTimerSleepTime 4-43

InitialTimeout 4-41

Input queue

high threshold 20-3

Interfaces properties 4-1

InternalError reply message 4-48

IPADDR

attribute type 4-50

IPAddress 3-9, 4-6

IP-Dynamic Resource Manager 1-3, 4-26

IP-Per-NAS-Port Resource Manager 1-3, 4-26

IPX-Dynamic Resource Manager 1-3, 4-26

isEmpty method A-2

J

Java service 4-13

JavaVMOptions 4-44

L

LDAP 18-1

hostname 18-3

MultipleServersPolicy 18-2

protocol 4-36

RemoteServers 4-33

ldap

BindName 4-36

BindPassword 4-36

Filter 4-37

HostName 4-36

LDAPToEnvironmentMappings 4-38

LDAPToRadiusMappings 4-38

LimitOutstandingRequests 4-37

MaxOutstandingRequests 4-37

MaxReferrals 4-37

PasswordEncryptionStyle 4-37

ReferralAttribute 4-37

ReferralFilter 4-37

SearchPath 4-37

Timeout 4-36, 4-39

UserPasswordAttribute 4-37

UseSSL 4-38

LDAP Rebind 18-4

failures 18-5

LDAP RemoteServer 18-2

LDAP server 1-14

LDAP service 18-1

LDAPToCheckItemMappings 4-38, 18-6

LDAPToEnvironmentMappings 4-38, 18-6

LDAPToRadiusMappings 4-38, 18-5

LEAP 8-13

Lightweight Directory Access Protocol 18-1

LimitOutstandingRequests 4-37

Listing users 3-14

local 4-14, B-10

UserList type 4-3

localhost 5-7

Local Service 6-2

local service 4-3

Locating clients 3-7

LogFileCount 4-43

Log files 24-3

file system 7-3

managing 7-3

LogFileSize 4-43

Logging in 2-6

GUI 3-4

Logging out 2-6

login command 2-6

Login page 3-3

log method A-2

LogServerActivity 4-42

M

Malformed Request reply message 4-48

Mapping XML attributes 12-5

MapSourceIPAddress 9-10

MaxFileAge 4-11, 4-15

MaxFileSize 4-11, 4-14

Maximum NumberOf RadiusPackets 4-42

MaximumODBCResultSize 4-44

MaxOutstandingRequests 4-37

MaxReferrals 4-37

MaxTries 4-41

MCD 21-1

mcdcd.d01-d03 21-2

mcdConfig.txt 21-2

MCD database 6-3

mcddb.dbd 21-2

mcddb.k01-k03 21-2

mcdshadow 21-1

Measurements

prepaid billing 14-6

Message logging (Linux) 23-3

Message logging (Solaris) 23-2

MinimumSocketBufferSize 4-43

Mobile Node-Home Agent 17-1

Monitor page 3-17

MPLS 11-1

MultipleServersPolicy 4-14, 4-15, 4-16, 18-2, 19-3

MVA

radclient 5-5

N

NAS 1-1, 7-1

NAS IP Address 4-49

NAS-IP-Address 1-13

NAS-Port 1-13

NAS-Vendor-Behind-the-Proxy 9-2

Neighbor 4-30

nextKey method A-2

O

ODAP

accounting service 11-7

address ranges 11-2

AllowNullPassword property 11-6

CiscoIncomingScript 11-3

configuration summary 11-4

configuring 11-4

configuring clients 11-15

configuring Session Managers 11-13

detailed configuration 11-5

on-demand address pool 11-1

Resource Managers 11-9

service 11-6

Session Managers 11-8

userlist 11-5

users 11-5

vendor type 11-4

ODBC.ini file 19-2

ODBCDataSource 19-4, 19-6

ODBC RemoteServer 19-3

ODBC service 19-2

ODBCToEnvironmentMappings 19-6

ODBCToRadiusMappings 19-6

ORACLE_HOME 19-2

Oracle Driver

Easysoft Open Source 19-6

Oracle functions 19-5

order dependent commands

see also aregcmd

OS paging size 4-22

OutagePolicy 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22

OutageScript 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22

OutgoingScript 3-9, 4-2, 4-6, 4-7, 4-41

OutgoingScriptFailed 4-49

OutgoingScriptRejectedRequest 4-49

Outgoing scripts 1-2, 1-7, 1-12

Outgoing-Translation-Groups B-6

P

Packet buffering 7-8

Packet fields 1-13

packet-identifier 5-3

Packet of disconnect 15-23

Paging size

operating system 4-29

Paging size (operating system) 4-22

ParseTranslationGroupsByCLID 16-9, 16-18

ParseTranslationGroupsByDNIS 16-9, 16-17, 16-18

ParseTranslationGroupsByReal 16-17

ParseTranslationGroupsByRealm 16-9

Password

length of 3-15, 4-4

PasswordEncryptionStyle 4-37

PCO-Parse-Client-Outgoing 14-14

PEAP Version 0 8-24

PEAP Version 1 8-27

Performance

aregcmd 2-3

Policies

configuring 16-1

validation 16-3

Policy 16-1

Policy Engine 16-1

Policy engine

attribute translation 16-8

parsing translation groups 16-9

reducing overhead 16-13

time of day access restrictions 16-10

wildcard support 16-2

Port 8080 3-1

Ports 4-45

Ports properties 4-1

PPO-Parse-Prepaid-Outgoing 14-15

PPP 1-2, 1-13, 4-30

Prepaid

AA service 14-4, 14-11

group service 14-5, 14-11, 14-13

Prepaid billing

measurements 14-6

Profile properties 3-12

Profiles

adding 3-11

editting 3-13

Protected EAP 8-1

Proxy server 1-14

put method A-2

Q

QueryKey 12-5

Query-Service B-6

Query Session Result page 3-26

query-sessions command 4-23

R

radclient

callsPerSecond 5-10

multivalued attributes 5-5

syntax 5-1

timetest 5-9

radclient commands 8-23

RADIUS

attribute name 5-5

attributes C-1

messages 1-12

packet type identifier 5-3

program flow 1-11

protocol 1-11

server 2-3, 2-6, 4-5, 5-3, 9-4

server test tool 5-1

RADIUS EXtension. See REX

RadiusServer object 1-1, 4-1

ReactivateTimerInterval 4-33

Realm B-6

ReferralAttribute 4-37

ReferralFilter 4-37

RejectAll 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22

Reject-Reason B-6

release-sessions command 4-23

RemoteLDAPServiceThreadTimerInterval 4-43

RemoteRadiusServerInterface 4-44

RemoteServer

ODBC-Accounting 4-39

prepaid-crb 4-40

RemoteServers 18-2, 19-3

Remote servers

policy 4-14, 4-15, 4-16

RemoteServers objects 4-1

RemoteServer types 4-33

REMOVE_ALL A-3, A-9

remove method A-3

RepIPMaster 10-7

REPLACE A-2, A-5, A-7, A-8

Replication

archive 10-3

automatic resynchronization 10-4

configuration settings 10-6

data flow 10-2

data integrity 10-4

hot configuration 10-5

hot-standby 10-1

impact on request processing 10-5

RepIPAddress 10-7

RepTransactionArchiveLimit 10-2, 10-6

RepTransactionSyncInterval 10-2, 10-6

security 10-3

slaves 10-8

slave server 10-2

transaction order 10-4

transaction verification 10-4

Reply Messages 4-48

RepMasterIPAddress 10-8

RepMasterPort 10-8

RepPort 10-7

RepSecret 10-7

RepType 10-6

Request Dictionary 1-12, 9-1

script 9-3

Request-Type Packets

Access-Accept B-7

Access-Challenge B-7

Access-Reject B-7

Access-Request B-7

Accounting-Request B-7

Accounting-Response B-7

Ascend-IPA-Allocate B-7

Ascend-IPA-Release B-7

Status-Client B-7

Status-Server B-7

USR-Enhanced-Radius B-7

USR-NAS-Reboot-Request B-7

USR-NAS-Reboot-Response B-7

USR-Resource-Free-Request B-7

USR-Resource-Free-Response B-7

USR-Resource-Query-Request B-7

USR-Resource-Query-Response B-7

RequireNASsBehindProxyBeInClientList 4-42, 4-46

Resource allocation

dynamic 1-3

ResourceManager

identity caching 12-4

Resource Managers 1-4, 4-26, 4-27

Group-Session-Limit 4-27

Home-Agent 4-27

IP-Dynamic 4-28

IP-Per-NAS-Port 4-28

IPX-Dynamic 4-28

subnet-dynamic 4-29

User-Session-Limit 4-30

USR-VPN 4-30

Response Dictionary 1-12, 9-1

script 9-4

Response-Type B-8

Resynchronization

automatic 10-4

full 10-5

REX

scripts 4-7

REX attribute dictionary

getBytes method A-6

putBytes method A-8

REX environment dictionary

allocateMemory A-10

clear A-10

containsKey A-10

firstKey A-10

get A-10

isEmpty A-10

log A-10

nextKey A-10

put A-10

remove A-10

reschedule A-11

size A-11

trace A-11

rex service

EntryPoint 4-22

Filename 4-22

InitEntryPoint 4-22

InitEntryPointArgs 4-22

RFC

2866 7-1

RFC 2138 4-49, C-1

RolloverSchedule 7-3

time format 7-4

RoundRobin policy 4-14, 4-15, 4-16, 8-21

Routing requests 16-4

based on CLID 16-6

based on DNIS 16-5

based on NASIP 16-6

based on realm 16-4

based on User-Name Prefix 16-7

RPC services 2-4

Rules 16-1

script and attribute requirements 16-3

standard scripts 16-14

S

Scripting point 9-1

NAS IncomingScript 9-4

Scripts 9-6

ACMEOutgoingScript 9-6

adding script definition 9-4

AltigaIncomingScript 9-6

ANAAAOutgoing 9-7

AuthorizePPP 9-7

AuthorizeService 9-7

AuthorizeSLIP 9-7

AuthorizeTelnet 9-8

choosing the type of script 9-3

determining goal 9-1

ExecCLIDRule 9-8

ExecDNISRule 9-9

ExecFilterRule 9-9

ExecRealmRule 9-9

extension points 9-2

ParseAAARealm 9-10

ParseAARealm 9-10

ParseAASRealm 9-10

ParseProxyHints 9-11

ParseServiceAndAAARealmHints 9-11

ParseServiceAndAAASRealmHints 9-11

ParseServiceAndAARealmHints 9-11

ParseServiceAndAASRealmHints 9-11

ParseServiceAndProxyHints 9-11

ParseServiceHints 9-12

ParseTranslationGroupsByCLID 9-12

ParseTranslationGroupsByDNIS 9-12

ParseTranslationGroupsByRealm 9-12

tParseAASRealm 9-10

tParseProxyHints 9-11

tParseServiceAndAAARealmHints 9-11

tParseServiceAndProxyHints 9-11

tParseServiceHints 9-12

types of 1-2

UseCLIDAsSessionKey 9-12

USROutgoingScript 9-13

writing 9-2

SearchPath 4-37

SelectPolicy 16-1

Server

master 10-1

primary 10-1

secondary 10-1

Server log 3-21

Server Trace Level 3-19

Services

file 4-11

ldap 4-15

local 4-3, 4-14, B-10

proxy requests 4-33

radius 4-15

tacacs-udp 4-15

used for 1-3

services 4-9

Services objects 4-9

ServiceUnavailable reply message 4-48

SESM 13-1

SessionBackingStoreSynchronizationInterval 4-43

session-cache 4-28

Session List and Query page 3-25

Session Management

definition 1-1

types of 1-3

Session Managers 4-22

Session record size 4-22, 4-29

Setting attributes

spaces in value 2-11, 6-8

Shadow backups 21-1

Shared key

MN-HA 17-1

Shared libraries A-1

SharedSecret 4-27, 4-41

Shared secret 3-9, 4-6

definition 1-11

size method A-3

SLIP 1-13

SNMP 4-45, 20-1

configuration files 20-5, 20-6

traps 20-2

SNMP Configuration

community string 20-6

snmp.conf file 20-6

snmpd.conf file 20-6

SQLDefinition 19-4

SQL queries 19-5

SQLStatement 19-4

SQL syntax restrictions 19-5

SSG 13-1

stats command B-6

sticky commands 2-7

STRING

attribute type 4-50

syslog messages 23-1

T

tacacs-udp 4-33

Tcl attribute dictionary A-1, A-2

addProfile method A-2

clear method A-2

firstKey method A-2

get method A-2

isEmpty method A-2

log method A-2

nextKey method A-2

remove method A-3

size method A-3

trace method A-3

Tcl scripts 9-6

TerminationAction reply message 4-49

Timeout 4-36, 4-39

timetest 5-9

tMapSourceIPAddress 9-10

tParseAARealm 9-10

tParseServiceAndAAASRealmHints 9-11

tParseServiceAndAARealmHints 9-11

tParseServiceAndAASRealmHints 9-11

Trace Level page 3-18

Trace levels 3-19

trace method A-3

Trap configuration

directories searched 20-5

Traps

carAccountingLoggingFailure 20-5

carInputQueueFull 20-3

carInputQueueNotVeryFull 20-3

carOtherAccServerResponding 20-5

carOtherAuthServeNotrResponding 20-4

carOtherAuthServerResponding 20-4

carServerStart 20-3

carServerStop 20-3

configuring 20-5

supported 20-3

Trusted ID

configuration overview 13-2

Trusted Identity 13-1

tunnel command 8-23

TunnelRefresh 4-27

U

UDPPacketSize 4-42

UINT32

attribute type 4-50

UnableToAcquireResource reply message 4-48

UNDEFINED

attribute type 4-50

UNIX directories 1-1

UnknownUser reply message 4-48

use_challenge parameter 5-2

UseAdvancedDuplicateDetection 4-44, 4-46

UserDefined 4-4

User extensions. See Scripts.

UserGroups

check item attributes 15-22

UserList 1-2

check item attributes 15-22

UserLists page 3-13

UserNotEnabled reply message 4-48

User objects 1-2

UserPasswordAttribute 4-37

UserPasswordInvalid 4-48

User-Profile B-10

User profiles 1-2

User properties 3-15, 4-4

Users

adding 3-15

editting 3-16

UserService 8-14

User-Session-Limit B-10

User-Session-Limit Resource Manager 4-26

User-session-limit Resource Manager 1-3

UseSSL 4-38

Using SESM with Cisco AR 13-1

USRIncomingScript 9-12

USRIncomingscript-ignoreAccountingSignature 9-12

USR-VPN

FramedRouting 4-30

Gateways 4-30

Identifier 4-30

Neighbor 4-30

USR-VPN Resource Manager 1-3, 4-26

V

valueAsInt 5-6

valueAsIPAddress 5-6

Variables

environment B-1

radclient 5-9

VENDOR_ SPECIFIC

attribute type 4-50

VendorID 4-50

Vendor specific attributes C-13

Ascend C-27

Cabletron C-36

Cisco C-39

Compatible C-41

Nomadix C-42

RedCreek C-42, C-45

WISPr C-71

Vendor-specific attributes

3GPP2 C-13, C-14

ACC C-20

Altiga C-25

Bay Networks C-36

Vendor-specificattributes

Telebit C-48

VHG/PE router 11-1

VRFs 11-2

VSAs C-13

W

Windows 95 Registry 1-1

X

XML-Address-format-IPv4 12-5

XML-UserId-id_type-subscriber_id 12-5

	Cisco Access Registrar User Guide
	Index
Cisco Access Registrar User Guide Index About This Guide Overview Using the aregcmd Commands Using the Graphical User Interface Cisco Access Registrar Server Objects Using the radclient Command Configuring Local Authentication and Authorization RADIUS Accounting Extensible Authentication Protocols Using Extension Points Using Replication Using On-Demand Address Pools Using Identity Caching Using Trusted ID Authorization with SESM Using Prepaid Billing Using Cisco Access Registrar Features Using the Policy Engine Wireless Support Using LDAP Using Open Database Connectivity Using SNMP Backing Up the Database Using the REX Accounting Script Logging syslog Messages Troubleshooting Cisco Access Registrar Cisco Access Registrar Tcl and REX Dictionaries Environment Dictionary RADIUS Attributes Glossary Cisco Access Registrar User Guide	Download this chapter Index Table Of Contents A - B - C - D - E - F - G - H - I - J - L - M - N - O - P - Q - R - S - T - U - V - W - X - Index A AAAFileServiceSyncInterval 4-43 AcceptAll 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22 Accepted-Profiles B-1 Access-Challenge 1-11 Access Registrar backups 21-1 definition 1-1 dictionaries 9-1 internal database 21-1 objects 1-1, 4-3 server 4-2 Access-Reject B-8 Access-Request 5-2, 5-7 Accounting 7-1 attributes 1-13 database 1-1 definition 1-1 log file 4-11 MaxFileAge 7-2 MaxFileAge format 7-4 MaxFileSize 7-2 MaxFileSize format 7-3 RolloverSchedule 7-2 setting up 7-1 Start 7-1 Stop 7-1 Accounting log 3-22 Accounting records 14-10 Accounting-Service B-2 ACKaccounting 4-41 Acquire-Dynamic-DNS B-2 Acquire-Home-Agent B-2 Add Administrator page 3-6 Adding administrators 3-6 Adding AV pairs 3-16 Adding clients 3-8 Adding profiles 3-11 Adding users 3-15 addProfile method A-2 Administrator properties 3-6 AdvancedDuplicateDetectionMemoryInterval 4-44, 4-46 AltigaOutgoingScript 9-7 ANAAAOutgoing 9-7 APPEND A-2, A-5, A-7, A-8 aregcmd Access Registrar command 2-1 command performance 2-3 commands 2-4 add 2-4 cd 2-4 delete 2-5 exit 2-5 filter 2-5 find 2-5 help 2-6 insert 2-6 login 2-6 logout 2-6 ls 2-7 next 2-7 prev 2-7 pwd 2-8 query-sessions 2-8 quit 2-8 release-sessions 2-8 reload 2-9 save 2-9 set 2-10 start 2-11 stats 2-11 status 2-12 stop 2-12 trace 2-13 unset 2-14 validate 2-14 definition 2-1 error codes 2-16 save 6-3 session management commands 4-23 syntax 2-1 aregcmd CLI log 3-23 ARIsCaseInsensitive 4-44 AscendIncomingScript 9-7 AscendOutgoingScript 9-7 Attribute Dictionary 1-13, 4-49, A-1 methods A-1 put method A-2 Attributes 4-31, C-1 alphabetical list C-2 check item 15-21 numeric list C-5 AttributesToBeCached 12-5 AUGMENT A-2, A-5, A-7, A-8 Authentication-Service 1-6 Authorization definition 1-1 Authorization-Service 1-6 B BackingStore-Env-Vars B-3 Backups 21-1 BaseProfile 3-16, 4-4, 4-5 BindName 4-36 BindPassword 4-36 Broadcast-Accounting-Packet B-4 C CabletronOutgoing 9-8 Cache-Attributes-In-Session B-4 Callback-Number 1-13 callsPerSecond 5-10 Case insensitive commands see also aregcmd cd command 2-1 CertificateDBPath 4-43 change directory command see also aregcmd Change of Authorization (CoA) 15-27 CHAP Access Request packet 5-2 CHAP_ PASSWORD attribute type 4-50 Check item attributes 15-21 CiscoIncoming 9-8 CiscoOutgoing 9-8 Cisco Subscriber Edge Services Manager 13-1 CiscoWithODAPIncomingScript 9-8, 11-1, 11-3 clear method A-2 Client/server model 1-11 Client-Behind-the-Proxy 9-2 Client properties 3-8 Clients adding 3-8 IPAddress 3-9, 4-6 list 4-46 required attributes 3-8 vendor properties 3-9, 4-6 CoA requests 15-27 Commands eap-trace 8-23 tunnel 8-23 ConfigurationError reply message 4-49 Configuration Objects 2-3 Configure page 3-4 Configuring check item attributes 15-22 LDAP RemoteServer 18-2 local service 6-2 ODBC RemoteServer 19-3 Configuring clients 3-7 Configuring CoA requests 15-27 Configuring profiles 3-10 Configuring rules 16-2 containsKey method A-2 CRB-Prepaid billing with SSG 14-14 D Database Access Registrar backups 21-1 MCD 6-3 DefaultAccountingService 4-3 DefaultAuthenticationService 1-3, 4-2 DefaultAuthorizationService 4-3 DefaultReturnedSubnetSizeIfNoMatch 4-44 DefaultSessionManager 4-3 DefaultSessionService 4-3 Destination-IP-Address B-4 Destination-port B-4 Dictionaries Types of 9-1 Dictionary attribute 4-45 Disable-Accounting-On-Off-Broadcast B-4 DNSLookupAndLDAPRebindInterval 18-5 DropPacket. 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22 Dynamic-DNS-HostName B-4 Dynamic-Search-Filter B-4 E EAP 4-10, 8-1 authentication mechanism 8-1 fatal error packet handling 4-47 SilentDiscard 4-47 EAP-Actual-Identity B-5 EAP authentication 8-1 EAP-Authentication-Mode B-5 EapBadMessagePolicy 4-47 EAP-GTC 8-11, 8-12 EAP-LEAP 8-13 EAP-MD5 8-14 EAP-MSChapv2 8-16 EAP-Negotiate 8-15, 8-16 EAP response messages 4-47 EAP-SIM 8-20 EAP-SIM authentication 8-20 eap-trace command 8-23 EAP-Transport Level Security 8-18 Easysoft Open Source 19-6 Editting users 3-16 Editting administrators 3-6 Editting clients 3-10 Editting profiles 3-13 Empty string 2-1 EntryPoint 4-22 ENUM attribute type 4-50 Environment Dictionary 1-3, 1-6, 9-1, 9-3 Environment Dictionary script 9-4 Environment variable Accounting-Service B-2 Acquire-Group-Session-Limit B-2 Acquire-IP-Dynamic B-2 Acquire-IP-Per-NAS-Port B-2 Acquire-IPX-Dynamic B-2 Acquire-Subnet-Dynamic B-3 Acquire-User-Session-Limit B-3 Acquire-USR-VPN B-3 Allow-Null-Password B-3 Authentication-Service B-3 Authorization-Service B-3 Current-Group-Count B-4 Dynamic-Search-Path B-5 Group-Session-Limit B-5 Ignore-Accounting-Signature B-5 Incoming-Translation-Groups B-5 Misc-Log-Msg-Info B-5 Reject-Reason B-6 Remote-Server B-6 Request-Authenticator B-6 Request-Type B-7 Require-User-To-Be-In-Authorization-List B-7 Response-Type B-8 Session-Key B-8 Session-Manager B-8 Session-Service B-8 Source-IP-Address B-9 Trace-Level B-9 Unavailable-Resource B-9 Unavailable-Resource-Type B-9 User Authorization-Script B-10 User-Group B-10 User-Group-Session-Limit B-10 User-Name B-10 User-Profile B-10 User-Session-Limit B-10 Error codes aregcmd 2-16 ExecCLIDRule 16-15 ExecDNISRule 16-15 ExecNASIPRule 16-15 ExecRealmRule 16-14 ExecTimeRule 16-11, 16-17 Extensible Authentiction Protocols 8-1 Extension points 9-2 F Failover policy 4-14, 4-15, 4-16, 8-21 Fatal error packet 4-47 Filename 4-22 FilenamePrefix 4-11, 4-14 file service 4-8, 4-11 FilenamePrefix 4-11, 4-14 MaxFileAge 4-11, 4-15 MaxFileSize 4-11, 4-14 Filter 4-37 firstKey method A-2 Framed-IP-Address 1-13 Framed Protocol 1-13 FramedRouting 4-30 G Gateway Description 4-27 IPAddress 4-27 LocationID 4-27 Name 4-27 SharedSecret 4-27 TunnelRefresh 4-27 Gateways 4-30 get method A-2 Grouping property 16-1 Group service 14-5, 14-11, 14-13 Group-Session-Limit Resource Manager 1-3, 4-26 GUI administrators page 3-5 configure page 3-4 launching 3-1 logging in 3-3 log out 3-4 overview page 3-4 top-level 3-4 H HiddenAttributes 4-4 HostName 4-36 Hot configuration 10-5 Hot-lining 15-27 I Identifier 4-30 IncomingScript 1-5, 3-9, 4-2, 4-6, 4-7, 4-41 IncomingScriptFailed reply message 4-49 IncomingScript RejectedRequest reply message 4-49 Incoming scripts 1-2, 1-12 InitEntryPoint 4-8, 4-22 InitEntryPointArgs 4-22 InitialBackgroundTimerSleepTime 4-43 InitialTimeout 4-41 Input queue high threshold 20-3 Interfaces properties 4-1 InternalError reply message 4-48 IPADDR attribute type 4-50 IPAddress 3-9, 4-6 IP-Dynamic Resource Manager 1-3, 4-26 IP-Per-NAS-Port Resource Manager 1-3, 4-26 IPX-Dynamic Resource Manager 1-3, 4-26 isEmpty method A-2 J Java service 4-13 JavaVMOptions 4-44 L LDAP 18-1 hostname 18-3 MultipleServersPolicy 18-2 protocol 4-36 RemoteServers 4-33 ldap BindName 4-36 BindPassword 4-36 Filter 4-37 HostName 4-36 LDAPToEnvironmentMappings 4-38 LDAPToRadiusMappings 4-38 LimitOutstandingRequests 4-37 MaxOutstandingRequests 4-37 MaxReferrals 4-37 PasswordEncryptionStyle 4-37 ReferralAttribute 4-37 ReferralFilter 4-37 SearchPath 4-37 Timeout 4-36, 4-39 UserPasswordAttribute 4-37 UseSSL 4-38 LDAP Rebind 18-4 failures 18-5 LDAP RemoteServer 18-2 LDAP server 1-14 LDAP service 18-1 LDAPToCheckItemMappings 4-38, 18-6 LDAPToEnvironmentMappings 4-38, 18-6 LDAPToRadiusMappings 4-38, 18-5 LEAP 8-13 Lightweight Directory Access Protocol 18-1 LimitOutstandingRequests 4-37 Listing users 3-14 local 4-14, B-10 UserList type 4-3 localhost 5-7 Local Service 6-2 local service 4-3 Locating clients 3-7 LogFileCount 4-43 Log files 24-3 file system 7-3 managing 7-3 LogFileSize 4-43 Logging in 2-6 GUI 3-4 Logging out 2-6 login command 2-6 Login page 3-3 log method A-2 LogServerActivity 4-42 M Malformed Request reply message 4-48 Mapping XML attributes 12-5 MapSourceIPAddress 9-10 MaxFileAge 4-11, 4-15 MaxFileSize 4-11, 4-14 Maximum NumberOf RadiusPackets 4-42 MaximumODBCResultSize 4-44 MaxOutstandingRequests 4-37 MaxReferrals 4-37 MaxTries 4-41 MCD 21-1 mcdcd.d01-d03 21-2 mcdConfig.txt 21-2 MCD database 6-3 mcddb.dbd 21-2 mcddb.k01-k03 21-2 mcdshadow 21-1 Measurements prepaid billing 14-6 Message logging (Linux) 23-3 Message logging (Solaris) 23-2 MinimumSocketBufferSize 4-43 Mobile Node-Home Agent 17-1 Monitor page 3-17 MPLS 11-1 MultipleServersPolicy 4-14, 4-15, 4-16, 18-2, 19-3 MVA radclient 5-5 N NAS 1-1, 7-1 NAS IP Address 4-49 NAS-IP-Address 1-13 NAS-Port 1-13 NAS-Vendor-Behind-the-Proxy 9-2 Neighbor 4-30 nextKey method A-2 O ODAP accounting service 11-7 address ranges 11-2 AllowNullPassword property 11-6 CiscoIncomingScript 11-3 configuration summary 11-4 configuring 11-4 configuring clients 11-15 configuring Session Managers 11-13 detailed configuration 11-5 on-demand address pool 11-1 Resource Managers 11-9 service 11-6 Session Managers 11-8 userlist 11-5 users 11-5 vendor type 11-4 ODBC.ini file 19-2 ODBCDataSource 19-4, 19-6 ODBC RemoteServer 19-3 ODBC service 19-2 ODBCToEnvironmentMappings 19-6 ODBCToRadiusMappings 19-6 ORACLE_HOME 19-2 Oracle Driver Easysoft Open Source 19-6 Oracle functions 19-5 order dependent commands see also aregcmd OS paging size 4-22 OutagePolicy 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22 OutageScript 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22 OutgoingScript 3-9, 4-2, 4-6, 4-7, 4-41 OutgoingScriptFailed 4-49 OutgoingScriptRejectedRequest 4-49 Outgoing scripts 1-2, 1-7, 1-12 Outgoing-Translation-Groups B-6 P Packet buffering 7-8 Packet fields 1-13 packet-identifier 5-3 Packet of disconnect 15-23 Paging size operating system 4-29 Paging size (operating system) 4-22 ParseTranslationGroupsByCLID 16-9, 16-18 ParseTranslationGroupsByDNIS 16-9, 16-17, 16-18 ParseTranslationGroupsByReal 16-17 ParseTranslationGroupsByRealm 16-9 Password length of 3-15, 4-4 PasswordEncryptionStyle 4-37 PCO-Parse-Client-Outgoing 14-14 PEAP Version 0 8-24 PEAP Version 1 8-27 Performance aregcmd 2-3 Policies configuring 16-1 validation 16-3 Policy 16-1 Policy Engine 16-1 Policy engine attribute translation 16-8 parsing translation groups 16-9 reducing overhead 16-13 time of day access restrictions 16-10 wildcard support 16-2 Port 8080 3-1 Ports 4-45 Ports properties 4-1 PPO-Parse-Prepaid-Outgoing 14-15 PPP 1-2, 1-13, 4-30 Prepaid AA service 14-4, 14-11 group service 14-5, 14-11, 14-13 Prepaid billing measurements 14-6 Profile properties 3-12 Profiles adding 3-11 editting 3-13 Protected EAP 8-1 Proxy server 1-14 put method A-2 Q QueryKey 12-5 Query-Service B-6 Query Session Result page 3-26 query-sessions command 4-23 R radclient callsPerSecond 5-10 multivalued attributes 5-5 syntax 5-1 timetest 5-9 radclient commands 8-23 RADIUS attribute name 5-5 attributes C-1 messages 1-12 packet type identifier 5-3 program flow 1-11 protocol 1-11 server 2-3, 2-6, 4-5, 5-3, 9-4 server test tool 5-1 RADIUS EXtension. See REX RadiusServer object 1-1, 4-1 ReactivateTimerInterval 4-33 Realm B-6 ReferralAttribute 4-37 ReferralFilter 4-37 RejectAll 4-9, 4-11, 4-13, 4-14, 4-15, 4-16, 4-22 Reject-Reason B-6 release-sessions command 4-23 RemoteLDAPServiceThreadTimerInterval 4-43 RemoteRadiusServerInterface 4-44 RemoteServer ODBC-Accounting 4-39 prepaid-crb 4-40 RemoteServers 18-2, 19-3 Remote servers policy 4-14, 4-15, 4-16 RemoteServers objects 4-1 RemoteServer types 4-33 REMOVE_ALL A-3, A-9 remove method A-3 RepIPMaster 10-7 REPLACE A-2, A-5, A-7, A-8 Replication archive 10-3 automatic resynchronization 10-4 configuration settings 10-6 data flow 10-2 data integrity 10-4 hot configuration 10-5 hot-standby 10-1 impact on request processing 10-5 RepIPAddress 10-7 RepTransactionArchiveLimit 10-2, 10-6 RepTransactionSyncInterval 10-2, 10-6 security 10-3 slaves 10-8 slave server 10-2 transaction order 10-4 transaction verification 10-4 Reply Messages 4-48 RepMasterIPAddress 10-8 RepMasterPort 10-8 RepPort 10-7 RepSecret 10-7 RepType 10-6 Request Dictionary 1-12, 9-1 script 9-3 Request-Type Packets Access-Accept B-7 Access-Challenge B-7 Access-Reject B-7 Access-Request B-7 Accounting-Request B-7 Accounting-Response B-7 Ascend-IPA-Allocate B-7 Ascend-IPA-Release B-7 Status-Client B-7 Status-Server B-7 USR-Enhanced-Radius B-7 USR-NAS-Reboot-Request B-7 USR-NAS-Reboot-Response B-7 USR-Resource-Free-Request B-7 USR-Resource-Free-Response B-7 USR-Resource-Query-Request B-7 USR-Resource-Query-Response B-7 RequireNASsBehindProxyBeInClientList 4-42, 4-46 Resource allocation dynamic 1-3 ResourceManager identity caching 12-4 Resource Managers 1-4, 4-26, 4-27 Group-Session-Limit 4-27 Home-Agent 4-27 IP-Dynamic 4-28 IP-Per-NAS-Port 4-28 IPX-Dynamic 4-28 subnet-dynamic 4-29 User-Session-Limit 4-30 USR-VPN 4-30 Response Dictionary 1-12, 9-1 script 9-4 Response-Type B-8 Resynchronization automatic 10-4 full 10-5 REX scripts 4-7 REX attribute dictionary getBytes method A-6 putBytes method A-8 REX environment dictionary allocateMemory A-10 clear A-10 containsKey A-10 firstKey A-10 get A-10 isEmpty A-10 log A-10 nextKey A-10 put A-10 remove A-10 reschedule A-11 size A-11 trace A-11 rex service EntryPoint 4-22 Filename 4-22 InitEntryPoint 4-22 InitEntryPointArgs 4-22 RFC 2866 7-1 RFC 2138 4-49, C-1 RolloverSchedule 7-3 time format 7-4 RoundRobin policy 4-14, 4-15, 4-16, 8-21 Routing requests 16-4 based on CLID 16-6 based on DNIS 16-5 based on NASIP 16-6 based on realm 16-4 based on User-Name Prefix 16-7 RPC services 2-4 Rules 16-1 script and attribute requirements 16-3 standard scripts 16-14 S Scripting point 9-1 NAS IncomingScript 9-4 Scripts 9-6 ACMEOutgoingScript 9-6 adding script definition 9-4 AltigaIncomingScript 9-6 ANAAAOutgoing 9-7 AuthorizePPP 9-7 AuthorizeService 9-7 AuthorizeSLIP 9-7 AuthorizeTelnet 9-8 choosing the type of script 9-3 determining goal 9-1 ExecCLIDRule 9-8 ExecDNISRule 9-9 ExecFilterRule 9-9 ExecRealmRule 9-9 extension points 9-2 ParseAAARealm 9-10 ParseAARealm 9-10 ParseAASRealm 9-10 ParseProxyHints 9-11 ParseServiceAndAAARealmHints 9-11 ParseServiceAndAAASRealmHints 9-11 ParseServiceAndAARealmHints 9-11 ParseServiceAndAASRealmHints 9-11 ParseServiceAndProxyHints 9-11 ParseServiceHints 9-12 ParseTranslationGroupsByCLID 9-12 ParseTranslationGroupsByDNIS 9-12 ParseTranslationGroupsByRealm 9-12 tParseAASRealm 9-10 tParseProxyHints 9-11 tParseServiceAndAAARealmHints 9-11 tParseServiceAndProxyHints 9-11 tParseServiceHints 9-12 types of 1-2 UseCLIDAsSessionKey 9-12 USROutgoingScript 9-13 writing 9-2 SearchPath 4-37 SelectPolicy 16-1 Server master 10-1 primary 10-1 secondary 10-1 Server log 3-21 Server Trace Level 3-19 Services file 4-11 ldap 4-15 local 4-3, 4-14, B-10 proxy requests 4-33 radius 4-15 tacacs-udp 4-15 used for 1-3 services 4-9 Services objects 4-9 ServiceUnavailable reply message 4-48 SESM 13-1 SessionBackingStoreSynchronizationInterval 4-43 session-cache 4-28 Session List and Query page 3-25 Session Management definition 1-1 types of 1-3 Session Managers 4-22 Session record size 4-22, 4-29 Setting attributes spaces in value 2-11, 6-8 Shadow backups 21-1 Shared key MN-HA 17-1 Shared libraries A-1 SharedSecret 4-27, 4-41 Shared secret 3-9, 4-6 definition 1-11 size method A-3 SLIP 1-13 SNMP 4-45, 20-1 configuration files 20-5, 20-6 traps 20-2 SNMP Configuration community string 20-6 snmp.conf file 20-6 snmpd.conf file 20-6 SQLDefinition 19-4 SQL queries 19-5 SQLStatement 19-4 SQL syntax restrictions 19-5 SSG 13-1 stats command B-6 sticky commands 2-7 STRING attribute type 4-50 syslog messages 23-1 T tacacs-udp 4-33 Tcl attribute dictionary A-1, A-2 addProfile method A-2 clear method A-2 firstKey method A-2 get method A-2 isEmpty method A-2 log method A-2 nextKey method A-2 remove method A-3 size method A-3 trace method A-3 Tcl scripts 9-6 TerminationAction reply message 4-49 Timeout 4-36, 4-39 timetest 5-9 tMapSourceIPAddress 9-10 tParseAARealm 9-10 tParseServiceAndAAASRealmHints 9-11 tParseServiceAndAARealmHints 9-11 tParseServiceAndAASRealmHints 9-11 Trace Level page 3-18 Trace levels 3-19 trace method A-3 Trap configuration directories searched 20-5 Traps carAccountingLoggingFailure 20-5 carInputQueueFull 20-3 carInputQueueNotVeryFull 20-3 carOtherAccServerResponding 20-5 carOtherAuthServeNotrResponding 20-4 carOtherAuthServerResponding 20-4 carServerStart 20-3 carServerStop 20-3 configuring 20-5 supported 20-3 Trusted ID configuration overview 13-2 Trusted Identity 13-1 tunnel command 8-23 TunnelRefresh 4-27 U UDPPacketSize 4-42 UINT32 attribute type 4-50 UnableToAcquireResource reply message 4-48 UNDEFINED attribute type 4-50 UNIX directories 1-1 UnknownUser reply message 4-48 use_challenge parameter 5-2 UseAdvancedDuplicateDetection 4-44, 4-46 UserDefined 4-4 User extensions. See Scripts. UserGroups check item attributes 15-22 UserList 1-2 check item attributes 15-22 UserLists page 3-13 UserNotEnabled reply message 4-48 User objects 1-2 UserPasswordAttribute 4-37 UserPasswordInvalid 4-48 User-Profile B-10 User profiles 1-2 User properties 3-15, 4-4 Users adding 3-15 editting 3-16 UserService 8-14 User-Session-Limit B-10 User-Session-Limit Resource Manager 4-26 User-session-limit Resource Manager 1-3 UseSSL 4-38 Using SESM with Cisco AR 13-1 USRIncomingScript 9-12 USRIncomingscript-ignoreAccountingSignature 9-12 USR-VPN FramedRouting 4-30 Gateways 4-30 Identifier 4-30 Neighbor 4-30 USR-VPN Resource Manager 1-3, 4-26 V valueAsInt 5-6 valueAsIPAddress 5-6 Variables environment B-1 radclient 5-9 VENDOR_ SPECIFIC attribute type 4-50 VendorID 4-50 Vendor specific attributes C-13 Ascend C-27 Cabletron C-36 Cisco C-39 Compatible C-41 Nomadix C-42 RedCreek C-42, C-45 WISPr C-71 Vendor-specific attributes 3GPP2 C-13, C-14 ACC C-20 Altiga C-25 Bay Networks C-36 Vendor-specificattributes Telebit C-48 VHG/PE router 11-1 VRFs 11-2 VSAs C-13 W Windows 95 Registry 1-1 X XML-Address-format-IPv4 12-5 XML-UserId-id_type-subscriber_id 12-5
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.