📄 rfc2548.txt
字号:
Value The Value field is four octets. 0 BAP usage not allowed 1 BAP usage allowed 2 BAP usage required2.5.2. MS-Link-Utilization-Threshold Description This Attribute represents the percentage of available bandwidth utilization below which the link must fall before the link is eligible for termination. Permissible values for the MS-Link- Utilization-Threshold Attribute are in the range 1-100, inclusive. It is only used in Access-Accept packets. A summary of the MS-Link-Utilization-Threshold Attribute format is shown below. The fields are transmitted from left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | Value +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Value (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 14 for MS-Link-Utilization-Threshold Vendor-Length 6 Value The Value field is four octets in length and represents the percentage of available bandwidth utilization below which the link must fall before the link is eligible for termination. Permissible values are in the range 1-100, inclusive.2.5.3. MS-Link-Drop-Time-Limit Description The MS-Link-Drop-Time-Limit Attribute indicates the length of time (in seconds) that a link must be underutilized before it is dropped. It MAY only be included in Access-Accept packets. A summary of the MS-Link-Drop-Time-Limit Attribute format is given below. The fields are transmitted left to right.Zorn Informational [Page 27]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | Value +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Value (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 15 for MS-Link-Drop-Time-Limit Vendor-Length 6 Value The Value field represents the number of seconds that a link must be underutilized (i.e., display bandwidth utilization below the threshold specified in the MS-Link-Utilization-Threshold Attribute) before the link is dropped.2.6. Attributes for ARAP Support This section describes a set of Attributes designed to support the Apple Remote Access Protocol (ARAP).2.6.1. MS-Old-ARAP-Password Description The MS-Old-ARAP-Password Attribute is used to transmit the old ARAP password during an ARAP password change operation. It MAY be included in Access-Request packets. A summary of the MS-Old-ARAP-Password Attribute Attribute format is given below. The fields are transmitted left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | String... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 19 for MS-Old-ARAP-Password Attribute Vendor-Length > 3Zorn Informational [Page 28]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999 String The String field is one or more octets. It contains the old ARAP password DES-encrypted using itself as the key.2.6.2. MS-New-ARAP-Password Description The MS-New-ARAP-Password Attribute is used to transmit the new ARAP password during an ARAP password change operation. It MAY be included in Access-Request packets. A summary of the MS-New-ARAP-Password Attribute Attribute format is given below. The fields are transmitted left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | String... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 20 for MS-New-ARAP-Password Attribute Vendor-Length > 3 String The String field is one or more octets. It contains the new ARAP password DES-encrypted using the old ARAP password as the key.2.6.3. MS-ARAP-Password-Change-Reason Description The MS-ARAP-Password-Change-Reason Attribute is used to indicate reason for a server-initiated password change. It MAY be included in Access-Challenge packets. A summary of the MS-ARAP-Password-Change-Reason Attribute format is given below. The fields are transmitted left to right.Zorn Informational [Page 29]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | Why +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Why (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 21 for MS-ARAP-Password-Change-Reason Vendor-Length 6 Why The Why field is 4 octets in length. The following values are defined: Just-Change-Password 1 Expired-Password 2 Admin-Requires-Password-Change 3 Password-Too-Short 42.6.4. MS-ARAP-Challenge Description This attribute is only present in an Access-Request packet containing a Framed-Protocol Attribute with the value 3 (ARAP). A summary of the MS-ARAP-Challenge Attribute format is given below. The fields are transmitted left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | Challenge +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Challenge (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Challenge (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 33 for MS-ARAP-Challenge Vendor-Length 10Zorn Informational [Page 30]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999 Value The Challenge Field is 8 octets in length. It contains the challenge (as two 4-octet quantities) sent by the NAS to the peer.2.7. Miscellaneous Attributes This section describes attributes which do not fall into any particular category, but are used in the identification and operation of Microsoft remote access products.2.7.1. MS-RAS-Vendor Description The MS-RAS-Vendor Attribute is used to indicate the manufacturer of the RADIUS client machine. It MAY be included in both Access- Request and Accounting-Request packets. A summary of the MS-RAS-Vendor Attribute format is given below. The fields are transmitted left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | Vendor-ID +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-ID (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 9 for MS-RAS-Vendor Vendor-Length 6 Vendor-ID The Vendor-ID field is 4 octets in length. The high-order octet is 0 and the low-order 3 octets are the SMI Network Management Private Enterprise Code of the Vendor in network byte order, as defined in the Assigned Numbers RFC [13].2.7.2. MS-RAS-Version Description The MS-RAS-Version Attribute is used to indicate the version of the RADIUS client software. This attribute SHOULD be included in packets containing an MS-RAS-Vendor Attribute; it SHOULD NOT beZorn Informational [Page 31]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999 sent in packets which do not contain an MS-RAS-Vendor Attribute. It MAY be included in both Access-Request and Accounting-Request packets. A summary of the MS-RAS-Version Attribute format is given below. The fields are transmitted left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | String... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 18 for MS-RAS-Version Vendor-Length > 3 String The String field is one or more octets. The actual format of the information is vendor specific, and a robust implementation SHOULD support the field as undistinguished octets.2.7.3. MS-Filter Description The MS-Filter Attribute is used to transmit traffic filters. It MAY be included in both Access-Accept and Accounting-Request packets. If multiple MS-Filter Attributes are contained within a packet, they MUST be in order and they MUST be consecutive attributes in the packet. A summary of the MS-Filter Attribute format is given below. The fields are transmitted left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Vendor-Type | Vendor-Length | Filter... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Vendor-Type 22 for MS-Filter AttributeZorn Informational [Page 32]
RFC 2548 Microsoft Vendor-specific RADIUS Attributes March 1999 Vendor-Length > 3 Filter The Filter field is one or more octets. It contains a sequence of undifferentiated octets. If multiple MS-Filter Attributes occur in a single Access-Accept packet, the Filter field from each MUST be concatenated in the order received to form the actual filter.2.7.4. MS-Acct-Auth-Type Description The MS-Acct-Auth-Type Attribute is used to represent the method used to authenticate the dial-up user. It MAY be included in Accounting-Request packets. A summary of the MS-Acct-Auth-Type Attribute format is given below. The fields are transmitted left to right. 0⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -