A new IETF draft was recently published describing an extension to RADIUS which supports a standard way to define access control lists at the rule level. Previous standard incarnations used the “filter-id” attribute which could only point to a pre-configured filter on the device. Though some VSAs can provide this functionality today a ubiquitous standard attribute is vastly preferable. This would provide a much better vehicle for describing authorization rules in a central location instead of managing them individually on each enforcement device.
RADIUS Filter Rules
One Response to “RADIUS Filter Rules”
Leave a Reply
You must be logged in to post a comment.