Send Kemp Vendor Specific Attribute in RADIUS Requests

This article relates to LoadMaster firmware version 7.2.51.

As of LoadMaster firmware version 7.2.51, there is a check box in the User Interface (UI) called Send Vendor Specific in Certificates & Security > Remote Access > WUI Authorization Options when a RADIUS Server is set. When the Send Vendor Specific check box is enabled and a user is logging into the LoadMaster UI using RADIUS authentication with Cisco Access Control Server (ACS) or Identity Services Engine (ISE), the LoadMaster sends an Attribute Value Pair (AVP) to the server as part of the login request which contains Kemp's vendor ID. The server can use this AVP upon receipt to identify the LoadMaster device. The format and requirements for this attribute are in Section 5.26 of RFC 2865.

The Kemp vendor ID is 12196.

For further details on RADIUS authentication in general, refer to the RADIUS Authentication and Authorization Technical Note.

Application Programming Interface (API) Details

You can check if the Send Vendor Specific option is enabled or disabled by running a get command with the radiussendvendorspec parameter. For example:

/access/get?param=radiussendvendorspec

To enable or disable the radiussendvendorspec parameter run the set command. For example:

/access/set?param=radiussendvendorspec&value=<0/1>

Valid values are as follows:

  • 0 - Disabled
  • 1 - Enabled

For further details on the RESTful API in general, refer to the Long Term Support (LTS) RESTful API Interface Description document.

For PowerShell help, run the Get-Help command for the relevant commands.

Was this article helpful?

0 out of 0 found this helpful

Comments