This section describes how to configure RADIUS attribute translation using the rpc method.
Operation |
XPATH |
|---|---|
edit-config:create |
/huawei-aaa-radius:radius/radius-server/translate-attribute |
Item |
Data |
Description |
|---|---|---|
| Whether to enable RADIUS attribute translation | true | Enable RADIUS attribute translation. |
| Name of a source RADIUS attribute | nas-identifier | Set the source RADIUS attribute to nas-identifier. |
| Name of a destination RADIUS attribute | nas-port-id | Set the destination RADIUS attribute to nas-port-id. |
| Type of packets whose RADIUS attributes need to be translated | send | Translate RADIUS attributes for sent packets. |
| Name of an extended source RADIUS attribute | HW-URL-Flag | Set the source extended RADIUS attribute to HW-URL-Flag. |
| Vendor ID in the translated extended RADIUS attributes | 9 | Set the vendor ID in the translated extended RADIUS attributes to 9. |
| Sub ID in the translated extended RADIUS attributes | 2 | Set the sub ID in the translated extended RADIUS attributes to 2. |
| Type of packets whose extended RADIUS attributes need to be translated. (The non-Huawei attributes not supported by the device will be translated to the attributes supported by the device.) | access-request | Translate RADIUS attributes for Authentication Request packets. |
| Vendor ID in the extended RADIUS attributes to be translated | 9 | Set the vendor ID in the extended RADIUS attributes to be translated to 9. |
| Sub ID in the extended RADIUS attributes to be translated | 11 | Set the sub ID in the extended RADIUS attributes to be translated to 11. |
| Name of a translated destination attribute | HW-Access-Type | Set the translated destination attribute to HW-Access-Type. |
| Type of packets whose extended RADIUS attributes need to be translated. (The attributes supported by the device will be translated to the non-Huawei attributes not supported by the device.) | access-accept | Translate RADIUS attributes for Authentication Accept packets. |
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="123">
<edit-config>
<target>
<running/>
</target>
<error-option>rollback-on-error</error-option>
<config>
<radius xmlns="urn:huawei:params:xml:ns:yang:huawei-aaa-radius">
<radius-server xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0" xc:operation="merge">
<name>test12345</name>
<vsys>public</vsys>
<translate-attribute xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge">
<enable>true</enable>
<translate-normal xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge">
<source-attribute-name>nas-identifier</source-attribute-name>
<destination-attribute-name>nas-port-id</destination-attribute-name>
<packet-type>send</packet-type>
</translate-normal>
<translate-extend xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge">
<source-attribute-name>HW-URL-Flag</source-attribute-name>
<destination-vendor-id>9</destination-vendor-id>
<destination-sub-vendor-id>2</destination-sub-vendor-id>
<packet-type>access-request</packet-type>
</translate-extend>
<translate-extend-vendor xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0" ns0:operation="merge">
<source-vendor-id>9</source-vendor-id>
<source-sub-vendor-id>11</source-sub-vendor-id>
<destination-attribute-name>HW-Access-Type</destination-attribute-name>
<packet-type>access-accept</packet-type>
</translate-extend-vendor>
</translate-attribute>
</radius-server>
</radius>
</config>
</edit-config>
</rpc>
Sample of successful response
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="123"> <ok/> </rpc-reply>
Sample of failed response
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="123"> <rpc-error> <error-app-tag>-1</error-app-tag> <error-message>Wrong parameter.</error-message> <error-info>Error on node /huawei-aaa-radius:radius/radius-server[name="test12345",vsys="public"]/translate-attribute/translate-normal[source-attribute-name="nas-identifier1"]</error-info> </rpc-error> </rpc-reply>