|
MS-CHAP Attributes
|
|
26
|
311
|
1
|
MSCHAP-Response
|
It contains the response value provided by a PPP MS-CHAP user responding to the challenge. It is only used in Access-Request
packets. This attribute is identical to the PPP CHAP Identifier. (RFC 2548)
|
|
26
|
311
|
11
|
MSCHAP-Challenge
|
Contains the challenge sent by a network access server to an MS-CHAP user. It can be used in both Access-Request and Access-Challenge
packets. (RFC 2548)
|
|
VPDN Attributes
|
|
26
|
9
|
1
|
l2tp-cm-local-window-size
|
This specifies the maximum receive window size for L2TP control messages, and this value is advertised to the peer during
tunnel establishment.
|
|
26
|
9
|
1
|
l2tp-drop-out-of-order
|
Respects sequence numbers on data packets by dropping those that are received out of order. This does not ensure that sequence
numbers will be sent on data packets, just how to handle them if they are received.
|
|
26
|
9
|
1
|
l2tp-hello-interval
|
Specifies the number of seconds for the hello keepalive interval. Hello packets are sent when no data has been sent on a
tunnel for the number of seconds configured here.
|
|
26
|
9
|
1
|
l2tp-hidden-avp
|
When enabled, sensitive AVPs in L2TP control messages are scrambled or hidden.
|
|
26
|
9
|
1
|
l2tp-nosession-timeout
|
Specifies the number of seconds that a tunnel will stay active with no sessions before timing out and shutting down.
|
|
26
|
9
|
1
|
tunnel-tos-reflect
|
Copies the IP ToS field from the IP header of each payload packet to the IP header of the tunnel packet for packets entering
the tunnel at the LNS.
|
|
26
|
9
|
1
|
l2tp-tunnel-authen
|
If this attribute is set, it performs L2TP tunnel authentication.
|
|
26
|
9
|
1
|
l2tp-tunnel-password
|
This shared secret is used for L2TP tunnel authentication and AVP hiding.
|
|
26
|
9
|
1
|
l2tp-udp-checksum
|
This is an authorization attribute and defines whether L2TP should perform UDP checksums for data packets. Valid values are
“yes” and “no.” The default is no.
|
|
Store and Forward Fax Attributes
|
|
26
|
9
|
3
|
Fax-Account-Id-Origin
|
Indicates the account ID origin as defined by system administrator for the mmoip
aaa
receive-id or the mmoip
aaa
send-id commands.
|
|
26
|
9
|
4
|
Fax-Msg-Id=
|
Indicates a unique fax message identification number assigned by Store and Forward Fax.
|
|
26
|
9
|
5
|
Fax-Pages
|
Indicates the number of pages transmitted or received during this fax session. This page count includes cover pages.
|
|
26
|
9
|
6
|
Fax-Coverpage-Flag
|
Indicates whether or not a cover page was generated by the off-ramp gateway for this fax session. True indicates that a cover
page was generated; false means that a cover page was not generated.
|
|
26
|
9
|
7
|
Fax-Modem-Time
|
Indicates the amount of time in seconds the modem sent fax data (x) and the amount of time in seconds of the total fax session
(y), which includes both fax-mail and PSTN time, in the form x/y. For example, 10/15 means that the transfer time took 10
seconds, and the total fax session took 15 seconds.
|
|
26
|
9
|
8
|
Fax-Connect-Speed
|
Indicates the modem speed at which this fax-mail was initially transmitted or received. Possible values are 1200, 4800, 9600,
and 14400.
|
|
26
|
9
|
9
|
Fax-Recipient-Count
|
Indicates the number of recipients for this fax transmission. Until e-mail servers support Session mode, the number should
be 1.
|
|
26
|
9
|
10
|
Fax-Process-Abort-Flag
|
True means the session was terminated; false means the session was successful, indicating the fax session's status.
|
|
26
|
9
|
11
|
Fax-Dsn-Address
|
Indicates the address to which DSNs will be sent.
|
|
26
|
9
|
12
|
Fax-Dsn-Flag
|
Indicates whether or not DSN has been enabled. True indicates that DSN has been enabled; false means that DSN has not been
enabled.
|
|
26
|
9
|
13
|
Fax-Mdn-Address
|
Indicates the address to which MDNs will be sent.
|
|
26
|
9
|
14
|
Fax-Mdn-Flag
|
Indicates whether message delivery notification (MDN) is enabled. True means MDN is enabled; false means MDN is not enabled.
|
|
26
|
9
|
15
|
Fax-Auth-Status
|
Indicates whether or not authentication for this fax session was successful. Possible values for this field are success,
failed, bypassed, or unknown.
|
|
26
|
9
|
16
|
Email-Server-Address
|
Indicates the IP address of the e-mail server handling the on-ramp fax-mail message.
|
|
26
|
9
|
17
|
Email-Server-Ack-Flag
|
Indicates that the on-ramp gateway has received a positive acknowledgment from the e-mail server accepting the fax-mail message.
|
|
26
|
9
|
18
|
Gateway-Id
|
Indicates the name of the gateway that processed the fax session. The name appears in the following format: hostname.domain-name.
|
|
26
|
9
|
19
|
Call-Type
|
Describes the type of fax activity: fax receive or fax send.
|
|
26
|
9
|
20
|
Port-Used
|
Indicates the slot/port number of the Cisco AS5300 used to either transmit or receive this fax-mail.
|
|
26
|
9
|
21
|
Abort-Cause
|
If the fax session terminates, indicates the system component that signaled the termination. Examples of system components
that could trigger termination: FAP, TIFF, fax-mail client, fax-mail server, ESMTP client, ESMTP server.
|
|
H323 Attributes
|
|
26
|
9
|
23
|
Remote-Gateway-ID (h323-remote-address)
|
Indicates the IP address of the remote gateway.
|
|
26
|
9
|
24
|
Connection-ID
(h323-conf-id)
|
Identifies the conference ID.
|
|
26
|
9
|
25
|
Setup-Time
(h323-setup-time)
|
Indicates the setup time for this connection in Coordinated Universal Time (UTC) formerly known as Greenwich Mean Time (GMT)
or Zulu time.
|
|
26
|
9
|
26
|
Call-Origin
(h323-call-origin)
|
Indicates the origin of the call relative to the gateway. Possible values are originating and terminating (answer).
|
|
26
|
9
|
27
|
Call-Type
(h323-call-type)
|
Indicates call leg type. Possible values are telephony and VoIP .
|
|
26
|
9
|
28
|
Connect-Time
(h323-connect-time)
|
Indicates the connection time for this call leg in UTC.
|
|
26
|
9
|
29
|
Disconnect-Time
(h323-disconnect-time)
|
Indicates the time this call leg was disconnected in UTC.
|
|
26
|
9
|
30
|
Disconnect-Cause
(h323-disconnect-cause)
|
Specifies the reason a connection was taken offline per Q.931 specification.
|
|
26
|
9
|
31
|
Voice-Quality
(h323-voice-quality)
|
Specifies the impairment factor (ICPIF) affecting voice quality for a call.
|
|
26
|
9
|
33
|
Gateway-ID
(h323-gw-id)
|
Indicates the name of the underlying gateway.
|
|
Large Scale Dialout Attributes
|
|
|
26
|
9
|
1
|
callback-dialstring
|
Defines a dialing string to be used for callback.
|
|
26
|
9
|
1
|
data-service
|
No description available.
|
|
26
|
9
|
1
|
dial-number
|
Defines the number to dial.
|
|
26
|
9
|
1
|
force-56
|
Determines whether the network access server uses only the 56 K portion of a channel, even when all 64 K appear to be available.
|
|
26
|
9
|
1
|
map-class
|
Allows the user profile to reference information configured in a map class of the same name on the network access server
that dials out.
|
|
26
|
9
|
1
|
send-auth
|
Defines the protocol to use (PAP or CHAP) for username-password authentication following CLID authentication.
|
|
26
|
9
|
1
|
send-name
|
PPP name authentication. To apply for PAP, do not configure the ppp
pap
sent-name
password command on the interface. For PAP, “preauth:send-name” and “preauth:send-secret” will be used as the PAP username and PAP
password for outbound authentication. For CHAP, “preauth:send-name” will be used not only for outbound authentication, but
also for inbound authentication. For a CHAP inbound case, the NAS will use the name defined in “preauth:send-name” in the
challenge packet to the caller box.
|
Note
|
The send-name attribute initially performed functions now executed by both the send-name and remote-name attributes. With
the addition of the remote-name attribute, send-name is now restricted to its current operations.
|
|
|
26
|
9
|
1
|
send-secret
|
PPP password authentication. The vendor-specific attributes “preauth:send-name” and “preauth:send-secret” serve as both the
PAP username and password during outbound authentication, while for CHAP outbound, they are applied in the response packet.
|
|
26
|
9
|
1
|
remote-name
|
Provides the name of the remote host for use in large-scale dial-out. Dialer checks that the large-scale dial-out remote
name matches the authenticated name, to protect against accidental user RADIUS misconfiguration. (For example, dialing a valid
phone number but connecting to the wrong device.)
|
|
Miscellaneous Attributes
|
|
26
|
9
|
2
|
Cisco-NAS-Port
|
Specifies additional vendor specific attribute (VSA) information for NAS-Port accounting. To specify additional NAS-Port
information in the form an Attribute-Value Pair (AVPair) string, use the radius-server
vsa
send global configuration command.
|
Note
|
This VSA is typically used in Accounting, but may also be used in Authentication (Access-Request) packets.
|
|
|
26
|
9
|
1
|
min-links
|
Sets the minimum number of links for MLP.
|
|
26
|
9
|
1
|
proxyacl#<n>
|
Allows users to configure the downloadable user profiles (dynamic ACLs) by using the authentication proxy feature so that
users can have the configured authorization to permit traffic going through the configured interfaces.
|
|
26
|
9
|
1
|
spi
|
Carries the authentication information needed by the home agent to authenticate a mobile node during registration. The information
is in the same syntax as the ip
mobile
secure
host
<addr> configuration command. Basically it contains the rest of the configuration command that follows that string, verbatim. It
provides the Security Parameter Index (SPI), key, authentication algorithm, authentication mode, and replay protection timestamp
range.
|
Feedback