radius
AsterNOS Model for radius
module: asternos-radius +--rw radius +--rw global | +--rw shared-secret? string | +--rw auth-type? auth-type-enumeration | +--rw src-ip? inet:ip-address | +--rw nas-ip? inet:ip-address | +--rw timeout? uint8 | +--rw retransmit? uint8 +--rw servers +--rw server* [ipaddress] +--rw ipaddress inet:ip-address-no-zone +--rw auth-port? inet:port-number +--rw shared-secret? string +--rw auth-type? auth-type-enumeration +--rw priority? uint8 +--rw timeout? uint16 +--rw retransmit? uint8 +--rw vrf? string +--rw src-intf? unionResources
Section titled “Resources”Resource List
Section titled “Resource List”| Path | Access |
|---|---|
| /radius | Read-Write |
| /radius/global | Read-Write |
| /radius/global/shared-secret | Read-Write |
| /radius/global/auth-type | Read-Write |
| /radius/global/src-ip | Read-Write |
| /radius/global/nas-ip | Read-Write |
| /radius/global/timeout | Read-Write |
| /radius/global/retransmit | Read-Write |
| /radius/servers | Read-Write |
| /radius/servers/server | Read-Write |
| /radius/servers/server/ipaddress | Read-Write |
| /radius/servers/server/auth-port | Read-Write |
| /radius/servers/server/shared-secret | Read-Write |
| /radius/servers/server/auth-type | Read-Write |
| /radius/servers/server/priority | Read-Write |
| /radius/servers/server/timeout | Read-Write |
| /radius/servers/server/retransmit | Read-Write |
| /radius/servers/server/vrf | Read-Write |
| /radius/servers/server/src-intf | Read-Write |
Detailed Nodes
Section titled “Detailed Nodes”/radius
Section titled “/radius”Path
/radius
Node Type
container
Description
Radius configuration
Access
Read-Write
/radius/global
Section titled “/radius/global”Path
/radius/global
Node Type
container
Description
Global radius configuration
Access
Read-Write
/radius/global/shared-secret
Section titled “/radius/global/shared-secret”Path
/radius/global/shared-secret
Node Type
leaf
Description
RADIUS global shared secret (Valid chars are ASCII printable except SPACE, ”#”, and ”,”)
Access
Read-Write
Data Type
Constraints
String with length: 1 to 65
/radius/global/auth-type
Section titled “/radius/global/auth-type”Path
/radius/global/auth-type
Node Type
leaf
Description
RADIUS global method used for authenticating the comm. mesg.
Access
Read-Write
Data Type
Constraints
Enumeration with options:
- pap
- chap
/radius/global/src-ip
Section titled “/radius/global/src-ip”Path
/radius/global/src-ip
Node Type
leaf
Description
source IP address (IPv4 or IPv6) for the outgoing RADIUS pkts.
Access
Read-Write
Data Type
Constraints
Multiple constraints:
- The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. The IPv6 address may include a zone index, separated by a % sign.
If a system uses zone names that are not represented in UTF-8, then an implementation needs to use some mechanism to transform the local name into UTF-8. The definition of such a mechanism is outside the scope of this document.
The zone index is used to disambiguate identical address values. For link-local addresses, the zone index will typically be the interface index number or the name of an interface. If the zone index is not present, the default zone of the device will be used.
The canonical format of IPv6 addresses uses the textual representation defined in Section 4 of RFC 5952. The canonical format for the zone index is the numerical format as described in Section 11.2 of RFC 4007.
- The ipv4-address type represents an IPv4 address in dotted-quad notation. The IPv4 address may include a zone index, separated by a % sign. If a system uses zone names that are not represented in UTF-8, then an implementation needs to use some mechanism to transform the local name into UTF-8. The definition of such a mechanism is outside the scope of this document.
The zone index is used to disambiguate identical address values. For link-local addresses, the zone index will typically be the interface index number or the name of an interface. If the zone index is not present, the default zone of the device will be used.
The canonical format for the zone index is the numerical format
/radius/global/nas-ip
Section titled “/radius/global/nas-ip”Path
/radius/global/nas-ip
Node Type
leaf
Description
NAS-IP|IPV6-Address attribute for the outgoing RADIUS pkts.
Access
Read-Write
Data Type
Constraints
Multiple constraints:
- The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. The IPv6 address may include a zone index, separated by a % sign.
If a system uses zone names that are not represented in UTF-8, then an implementation needs to use some mechanism to transform the local name into UTF-8. The definition of such a mechanism is outside the scope of this document.
The zone index is used to disambiguate identical address values. For link-local addresses, the zone index will typically be the interface index number or the name of an interface. If the zone index is not present, the default zone of the device will be used.
The canonical format of IPv6 addresses uses the textual representation defined in Section 4 of RFC 5952. The canonical format for the zone index is the numerical format as described in Section 11.2 of RFC 4007.
- The ipv4-address type represents an IPv4 address in dotted-quad notation. The IPv4 address may include a zone index, separated by a % sign. If a system uses zone names that are not represented in UTF-8, then an implementation needs to use some mechanism to transform the local name into UTF-8. The definition of such a mechanism is outside the scope of this document.
The zone index is used to disambiguate identical address values. For link-local addresses, the zone index will typically be the interface index number or the name of an interface. If the zone index is not present, the default zone of the device will be used.
The canonical format for the zone index is the numerical format
/radius/global/timeout
Section titled “/radius/global/timeout”Path
/radius/global/timeout
Node Type
leaf
Description
Radius timeout in seconds
Access
Read-Write
Data Type
Constraints
Valid range: 1 to 60
/radius/global/retransmit
Section titled “/radius/global/retransmit”Path
/radius/global/retransmit
Node Type
leaf
Access
Read-Write
Data Type
Constraints
Valid range: 0 to 10
/radius/servers
Section titled “/radius/servers”Path
/radius/servers
Node Type
container
Access
Read-Write
/radius/servers/server
Section titled “/radius/servers/server”Path
/radius/servers/server
Node Type
list
Access
Read-Write
/radius/servers/server/ipaddress
Section titled “/radius/servers/server/ipaddress”Path
/radius/servers/server/ipaddress
Node Type
leaf
Description
RADIUS server’s Domain name or IP address (IPv4 or IPv6)
Access
Read-Write
Data Type
Constraints
Multiple constraints:
- An IPv6 address without a zone index. This type, derived from the type ipv6-address, may be used in situations where the zone is known from the context and no zone index is needed.
- An IPv4 address without a zone index. This type, derived from the type ipv4-address, may be used in situations where the zone is known from the context and no zone index is needed.
/radius/servers/server/auth-port
Section titled “/radius/servers/server/auth-port”Path
/radius/servers/server/auth-port
Node Type
leaf
Description
RADIUS authentication port number.
Access
Read-Write
Data Type
Constraints
Valid range: 0 to 65535
/radius/servers/server/shared-secret
Section titled “/radius/servers/server/shared-secret”Path
/radius/servers/server/shared-secret
Node Type
leaf
Description
RADIUS servers shared secret (Valid chars are ASCII printable except SPACE, ”#”, and ”,”)
Access
Read-Write
Data Type
Constraints
String with length: 1 to 65
/radius/servers/server/auth-type
Section titled “/radius/servers/server/auth-type”Path
/radius/servers/server/auth-type
Node Type
leaf
Description
RADIUS server’s method used for authenticating the comm. mesg.
Access
Read-Write
Data Type
Constraints
Enumeration with options:
- pap
- chap
/radius/servers/server/priority
Section titled “/radius/servers/server/priority”Path
/radius/servers/server/priority
Node Type
leaf
Description
RADIUS server’s priority
Access
Read-Write
Data Type
Constraints
Valid range: 1 to 64
/radius/servers/server/timeout
Section titled “/radius/servers/server/timeout”Path
/radius/servers/server/timeout
Node Type
leaf
Access
Read-Write
Data Type
Constraints
Valid range: 1 to 60
/radius/servers/server/retransmit
Section titled “/radius/servers/server/retransmit”Path
/radius/servers/server/retransmit
Node Type
leaf
Access
Read-Write
Data Type
Constraints
Valid range: 0 to 10
/radius/servers/server/vrf
Section titled “/radius/servers/server/vrf”Path
/radius/servers/server/vrf
Node Type
leaf
Description
VRF name
Access
Read-Write
Data Type
/radius/servers/server/src-intf
Section titled “/radius/servers/server/src-intf”Path
/radius/servers/server/src-intf
Node Type
leaf
Access
Read-Write
Data Type