📄 rfc2548.txt
字号:
If the L bit is set, RC4[5] encryption using a 40-bit key is
allowed. If the S bit is set, RC4 encryption using a 128-bit key
is allowed. If both the L and S bits are set, then either 40- or
128-bit keys may be used with the RC4 algorithm.
2.5. Attributes for BAP Support
This section describes a set of vendor-specific RADIUS attributes
designed to support the dynamic control of bandwidth allocation in
multilink PPP [11]. Attributes are defined that specify whether use
of the PPP Bandwidth Allocation Protocol (BAP) [12] is allowed or
required on incoming calls, the level of line capacity (expressed as
a percentage) below which utilization must fall before a link is
eligible to be dropped, and the length of time (in seconds) that a
link must be under-utilized before it is dropped.
2.5.1. MS-BAP-Usage
Description
This Attribute describes whether the use of BAP is allowed,
disallowed or required on new multilink calls. It MAY be used in
Access-Accept packets.
A summary of the MS-BAP-Usage Attribute format is shown below. The
fields are transmitted from left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | Value
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Value (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
13 for MS-BAP-Usage.
Vendor-Length
6
Zorn Informational [Page 26]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999
Value
The Value field is four octets.
0 BAP usage not allowed
1 BAP usage allowed
2 BAP usage required
2.5.2. MS-Link-Utilization-Threshold
Description
This Attribute represents the percentage of available bandwidth
utilization below which the link must fall before the link is
eligible for termination. Permissible values for the MS-Link-
Utilization-Threshold Attribute are in the range 1-100, inclusive.
It is only used in Access-Accept packets.
A summary of the MS-Link-Utilization-Threshold Attribute format is
shown below. The fields are transmitted from left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | Value
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Value (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
14 for MS-Link-Utilization-Threshold
Vendor-Length 6
Value The Value field is four octets in length and represents the
percentage of available bandwidth utilization below which the link
must fall before the link is eligible for termination.
Permissible values are in the range 1-100, inclusive.
2.5.3. MS-Link-Drop-Time-Limit
Description
The MS-Link-Drop-Time-Limit Attribute indicates the length of time
(in seconds) that a link must be underutilized before it is
dropped. It MAY only be included in Access-Accept packets.
A summary of the MS-Link-Drop-Time-Limit Attribute format is given
below. The fields are transmitted left to right.
Zorn Informational [Page 27]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | Value
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Value (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
15 for MS-Link-Drop-Time-Limit
Vendor-Length
6
Value
The Value field represents the number of seconds that a link must
be underutilized (i.e., display bandwidth utilization below the
threshold specified in the MS-Link-Utilization-Threshold
Attribute) before the link is dropped.
2.6. Attributes for ARAP Support
This section describes a set of Attributes designed to support the
Apple Remote Access Protocol (ARAP).
2.6.1. MS-Old-ARAP-Password
Description
The MS-Old-ARAP-Password Attribute is used to transmit the old
ARAP password during an ARAP password change operation. It MAY be
included in Access-Request packets.
A summary of the MS-Old-ARAP-Password Attribute Attribute format is
given below. The fields are transmitted left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
19 for MS-Old-ARAP-Password Attribute
Vendor-Length
> 3
Zorn Informational [Page 28]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999
String
The String field is one or more octets. It contains the old ARAP
password DES-encrypted using itself as the key.
2.6.2. MS-New-ARAP-Password
Description
The MS-New-ARAP-Password Attribute is used to transmit the new
ARAP password during an ARAP password change operation. It MAY be
included in Access-Request packets.
A summary of the MS-New-ARAP-Password Attribute Attribute format is
given below. The fields are transmitted left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
20 for MS-New-ARAP-Password Attribute
Vendor-Length
> 3
String
The String field is one or more octets. It contains the new ARAP
password DES-encrypted using the old ARAP password as the key.
2.6.3. MS-ARAP-Password-Change-Reason
Description
The MS-ARAP-Password-Change-Reason Attribute is used to indicate
reason for a server-initiated password change. It MAY be included
in Access-Challenge packets.
A summary of the MS-ARAP-Password-Change-Reason Attribute format is
given below. The fields are transmitted left to right.
Zorn Informational [Page 29]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | Why
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Why (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
21 for MS-ARAP-Password-Change-Reason
Vendor-Length
6
Why
The Why field is 4 octets in length. The following values are
defined:
Just-Change-Password 1
Expired-Password 2
Admin-Requires-Password-Change 3
Password-Too-Short 4
2.6.4. MS-ARAP-Challenge
Description
This attribute is only present in an Access-Request packet
containing a Framed-Protocol Attribute with the value 3 (ARAP).
A summary of the MS-ARAP-Challenge Attribute format is given below.
The fields are transmitted left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | Challenge
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Challenge (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Challenge (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
33 for MS-ARAP-Challenge
Vendor-Length
10
Zorn Informational [Page 30]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999
Value
The Challenge Field is 8 octets in length. It contains the
challenge (as two 4-octet quantities) sent by the NAS to the peer.
2.7. Miscellaneous Attributes
This section describes attributes which do not fall into any
particular category, but are used in the identification and operation
of Microsoft remote access products.
2.7.1. MS-RAS-Vendor
Description
The MS-RAS-Vendor Attribute is used to indicate the manufacturer
of the RADIUS client machine. It MAY be included in both Access-
Request and Accounting-Request packets.
A summary of the MS-RAS-Vendor Attribute format is given below. The
fields are transmitted left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | Vendor-ID
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-ID (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
9 for MS-RAS-Vendor
Vendor-Length
6
Vendor-ID
The Vendor-ID field is 4 octets in length. The high-order octet
is 0 and the low-order 3 octets are the SMI Network Management
Private Enterprise Code of the Vendor in network byte order, as
defined in the Assigned Numbers RFC [13].
2.7.2. MS-RAS-Version
Description
The MS-RAS-Version Attribute is used to indicate the version of
the RADIUS client software. This attribute SHOULD be included in
packets containing an MS-RAS-Vendor Attribute; it SHOULD NOT be
Zorn Informational [Page 31]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999
sent in packets which do not contain an MS-RAS-Vendor Attribute.
It MAY be included in both Access-Request and Accounting-Request
packets.
A summary of the MS-RAS-Version Attribute format is given below. The
fields are transmitted left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Type | Vendor-Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Type
18 for MS-RAS-Version
Vendor-Length
> 3
String
The String field is one or more octets. The actual format of the
information is ve⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -