RS400 43 ROS™ v3.5
The vendor specific attribute is used to determine the access level from the server, which may
be configured at the RADIUS server with following information:
• Vendor ID: Ruggedcom Inc. enterprise number (15004) assigned by Internet Assigned
Numbers Authority (IANA)
• Sub-attribute Format: String
• Vendor Assigned Sub-Attribute Number: 2
• Attribute value – any one of: admin, operator, guest
Note: If no access level is received in the response packet from the server then no access will be granted
to the user
Example RuggedCom Dictionary for a freeRadius server:
VENDOR RuggedCom 15004
ATTRIBUTE RuggedCom-Privilege-level 2 string
Sample entry for user “admin” Adding Users:
admin Auth-Type := Local, User-Password == "admin"
RuggedCom-Privilege-level = "admin
1.12.3 802.1X Authentication (not supported in RS400, N/A for RMC30)
RADIUS Server is also used to authenticate access on ports with 802.1X security support.
Attributes sent to RADIUS Server in RADIUS Request are:
• user name, derived from client’s EAP identity response
• NAS IP address
• service type: framed
• framed MTU:1500 (maximum size of EAP frame, which is the size of Ethernet frame)
• EAP message
• vendor specific attribute, as described above
RADIUS messages are sent as UDP messages. Switch and RADIUS server must use the same
authentication and encryption key.