From e1a828c5f23dec736a99f5cc995c6f0ade9582c3 Mon Sep 17 00:00:00 2001 From: Luis Ontanon Date: Fri, 15 Jul 2005 21:03:13 +0000 Subject: Radius dictionary support Part 1: the dictionary svn path=/trunk/; revision=14924 --- radius/dictionary.sonicwall | 58 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 radius/dictionary.sonicwall (limited to 'radius/dictionary.sonicwall') diff --git a/radius/dictionary.sonicwall b/radius/dictionary.sonicwall new file mode 100644 index 0000000000..9d41017b0a --- /dev/null +++ b/radius/dictionary.sonicwall @@ -0,0 +1,58 @@ +# +# Sonicwall Firewall dictionary +# +# $Id$ +# + +VENDOR SonicWall 8741 + +# Backwards compatibility. +ATTRIBUTE SS3-Firewall-User-Privilege 1 integer SonicWall + +# New names. +ATTRIBUTE SonicWall-User-Privilege 1 integer SonicWall +VALUE SonicWall-User-Privilege Remote-Access 1 # deprecated +VALUE SonicWall-User-Privilege Bypass-Filters 2 +VALUE SonicWall-User-Privilege VPN-Client-Access 3 # standard +VALUE SonicWall-User-Privilege Access-To-VPN 4 # standard +VALUE SonicWall-User-Privilege Limited-Management 5 +VALUE SonicWall-User-Privilege L2TP-Client-Access 6 # standard +VALUE SonicWall-User-Privilege Wireless-Guest 7 # standard +VALUE SonicWall-User-Privilege Wireless-Add-ACL 8 +VALUE SonicWall-User-Privilege Internet-Access 9 # standard + +# Those values indicated as "standard" are applicable only on a SonicWall +# firewall running standard firmware and not on one running enhanced firmware. + +# +# This attribute is to use in place of SonicWall-User-Privilege with RADIUS +# servers that allow only one instance of a Vendor-Specific attribute to be +# set (such as the ACE Server from RSA). Note that it is commented out in this +# file because it is not needed in any servers that support multiple VSA's. +# +# The value of this attribute is a text string giving a comma-separated list +# of one or more privileges, each corresponding to a value of the +# SonicWall-User-Privilege attribute above (and note that some are applicable +# only on a SonicWall firewall running standard firmware as indicated above): +# "BF,VC,VA,LM,LA,WG,WA,IA" +# "RA" for "Remote-Access" is now deprecated. +# ATTRIBUTE SonicWall-User-Privileges 2 string SonicWall + + +# Multiple of these can be set for a user, each specifying the name of a +# user group to which that user has membership. Note that this can +# alternatively be achieved by use of the Filter-Id attribute. +# This is applicable only on a SonicWall firewall running enhanced firmware. +# +ATTRIBUTE SonicWall-User-Group 3 string SonicWall + +# This attribute is to use in place of SonicWall-User-Group with RADIUS +# servers that allow only one instance of a Vendor-Specific attribute to be +# set (such as the ACE Server from RSA). Note that it is commented out in this +# file because it is not needed in any servers that support multiple VSA's. +# +# The value of this attribute is a text string giving a comma-separated list +# of the names of one or more user groups to which that user has membership. +# This is applicable only on a SonicWall firewall running enhanced firmware. +# +# ATTRIBUTE SonicWall-User-Groups 4 string SonicWall. -- cgit v1.2.1