Overview
The following information provides an overview about RADIUS services supported on a switch, including CoS (802.1p priority), ingress and egress rate-limiting, and ACL client services on a RADIUS server. For information on configuring client authentication capability on the switch, see RADIUS Authentication, Authorization, and Accounting.
Service |
Application |
Standard RADIUS attribute |
Vendor-specific RADIUS attribute (VSA) |
|---|---|---|---|
Cos (Priority) |
per-user |
59 |
40 |
Ingress Rate-Limiting |
per-user |
— |
46 |
Egress Rate-Limiting |
per-port1 |
— |
48 |
| ACLs | |||
IPv6 and/or IPv4 ACEs(NAS-Filter-Rule) |
per-user |
92 |
61 |
NAS-Rules-IPv6 (sets IP mode to IPv4-only or IPv4 and IPv6) |
per-user |
— |
63 |
If multiple clients are authenticated on a port where per-port rules are assigned by a RADIUS server, then the most recently assigned rule is applied to the traffic of all clients authenticated on the port.
Hewlett Packard Enterprise recommends using the Standard RADIUS attribute, if available. Where both a standard attribute and a VSA are available, the VSA is maintained for backwards compatibility with configurations based on earlier software releases.