Access control
- hp-port-dot1x-client-limit
Type #: 10
Platforms supported: All
Description: Overrides local config on how many clients to allow for 802.1X
Length: 4
Type: Integer
Value range: Values range from 0 to 32 clients. A zero client limit means that this VSA is disabled.
Format: HP-Port-Client-Limit-Dot1x = 5
- hp-port-macauth-client-limit
Type #: 11
Platforms supported: All
Description: Overrides local config on how many clients to allow for MAC Authentication
Length: 4
Type: Integer
Value range: Values range from 0 to 256 clients. A zero client limit means that this VSA is disabled. Supports 0-32 clients on the switch.
Format: HP-Port-Client-Limit-MA = 5
- hp-port-webauth-client-limit
Type #: 12
Platforms supported: All
Description: Overrides local config on how many clients to allow for Web Authentication
Length: 4
Type: Integer
Value range: Values range from 0 to 256 clients. A zero client limit means that this VSA is disabled. Supports 0-32 clients on the switch.
Format: HP-Port-Client-Limit-WA = 5
- hp-port-dot1x-port-mode
Type #: 13
Platforms supported: All
Description: Sets the 802.1X mode of operation to port-based
Length: 4
Type: Integer
Value range: A port-based VSA is set with a value of 1; a user-based VSA is set with a value of 2.
Format:
For port-based mode:
HP-Port-Auth-Mode-Dot1x = 1,
HP-Port-Client-Limit-MA = 0,
HP-Port-Client-Limit-WA = 0
For user-based mode:
HP-Port-Auth-Mode-Dot1x = 5
- hp-port-macauth-port-mode
Type #: 14
Platforms supported: All
Description: Sets the port to port-based mode for a MAC Authentication
Length: 4
Type: Integer
Value range: A port-based VSA is set with a value of 1.
Format: HP-Port-Auth-Mode-MacAuth = 1
- hp-port-bounce-host
Type #: 23
Platforms supported: All
Description: Toggle the physical port where the client is attached
Length: 4
Type: Integer
Value range: Integer value to represent the time interval to bounce the host port in seconds.
Format: HP-Port-Bounce-Host = 12
- hp-captive-portal-url
Type #: 24
Platforms supported: All
Description: URL used for the Captive Portal for an authenticated client
Length: <=255
Type: String
Value range: URL Link for Captive Portal redirection for an authenticated client.
Format: http://radius_server_ip/guest/captive_portal_login.php?
- hp-user-role
Type #: 25
Platforms supported: All
Description: The role applied for the authenticating user
Length: <=63
Type: String
Value range: Name of the created User role
Format: HP-User-Role = TestRole
- hp-cppm-role
Type #: 27
Platforms supported: All except 2530
Description: The ClearPass role applied for the authenticating user
Length: <=63
Type: String
Value range: ClearPass will send the Downloadable User Role name in this VSA to the authenticator Switch and switch downloads the Downloadable User Role. This VSA is supported in both RADIUS Access-Accept and RADIUS CoA. This VSA is mutually exclusive with hp-user-role VSA for local user-role.
Format: HP-CPPM-Role = TestRole
- hp-acct-terminate-cause
Type #: 29
Platforms supported: All
Description: Used in accounting stop requests to indicate why a session was terminated
Length: 4
Type: Integer
Value range: This is similar to Acct-Terminate-Cause mentioned in RFC 2866 and RFC 3580. This attribute is sent in accounting request from switch with the reason for account termination.
Values:RADIUS_HP_NAS_FILTER_RULE_BAD_SYNTAX
1 RADIUS_HP_NAS_FILTER_RULE_RESOURCE_OVERFLOW
2 Format: Acct-Terminate-Cause = Port-Disabled
- hp-capability-advertisement
Type #: 255
Platforms supported: All
Description: Advertises the device capabilities
Length: <=255
Type: String
Value range: List of 'HP-Capability-Advert' Vendor Specific Attributes (VSAs) containing information about the switch's current capability.
Format:
HP-Capability-Advert = 0x0138
Details:
0x01: Version of Capability Advertisement
0x38: Hex value of Attribute type 56 (Egress-VLANID)
HP-Capability-Advert = 0x011a0000000b30
Details:
0x1: Version
0x1a: HP Vendor Specific type
0x0000000b: HP Vendor ID
0x30: Vendor Attribute Type of HP-Bandwidth-Max-Egress