You are here: Home > CLI Commands > Just_CLI_Topics > aaa radius modifier

aaa radius modifier

aaa radius modifier <rad_modifier_name>

clone <source>

exclude <name>

include <name> {[static <static_val>]|[dynamic <ap-group1>|<ap-macaddr1>|<ap-name1>|<essid1>|<user-vlan1>|<with>|<ap-group2>|<ap-macaddr2>|<ap-name2>|<essid2>|<user-vlan2>]<delimiter>}

no..

Description

This command configures the RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  modifier profile to customize the attributes that are included, excluded and modified in the RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  request before it is sent to the authentication server.

Syntax

Parameter

Description

<rad_modifier_name>

The specified RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  modifier profile name

clone <source>

Copy data from another Radius Modifier Profile

exclude <name>

Attribute to be excluded in RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  request

include <name>

Attribute/Value to be included in RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  request

static <static_val>

Static data. (1-128 bytes string in length)

dynamic

First dynamic field. Use the following parameters:

ap-group1: Use AP group as the first dynamic field.

ap-macaddr1: Use AP mac address as the first dynamic field.

ap-name1: Use AP name as the first dynamic field.

essid1: Use essidExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. as the first dynamic field.

user-vlan1: Use the current VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.-ID of user as the first dynamic field.

with

(Optional) Connect to the second dynamic field. Use the following parameters:

ap-group2: Use AP group as the second dynamic field.

ap-macaddr2: Use AP mac address as the second dynamic field.

ap-name2: Use AP name as the second dynamic field.

essid2: Use essidExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. as the second dynamic field.

user-vlan2: Use the current VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.-ID of user as the second dynamic field.

delimiter

Delimiter (at, colon, dash, dollar, hash, none, percent, semicolon, slash, space) used in the string.

no

Delete Command.

Usage Guidelines

Use the show aaa radius modifier command to display a list of RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  modifier profiles . To create a RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  modifier profile with customized attributes, use the aaa radius-attributes command.

Example

Example for Included attribute

(host) [md](config) #aaa radius-attributes add BW-Area-Code 18 integer vendor Boingo 22472

(host) [md](Radius Modifier Profile "radmodifier1") # include BW-Area-Code static "212"

(host) [md](Radius Modifier Profile "radmodifier1") # no include BW-Area-Code

Example for excluded attribute

(host) [md](config) #aaa radius-attributes add BW-Area-Code 18 integer vendor Boingo 22472

(host) [md](Radius Modifier Profile "radmodifier1") # exclude BW-Area-Code

(host) [md](Radius Modifier Profile "radmodifier1") # no exclude BW-Area-Code

Example for modified attribute

Default attributes to carry to radius server can be modified with include option.

(host) [md](Radius Modifier Profile "radmodifier1") # include "Aruba-location-id" static "Shim-office"

Command History

Version

Modification

ArubaOS 8.2.0.0

The exclude and include parameters were added.

ArubaOS 8.1.0.0

Command introduced.

Command Information

Platforms

Licensing

Command Mode

All platforms

Base operating system.

Config mode on Mobility Master.

/*]]>*/