cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

5918
Views
15
Helpful
1
Replies
Nub65
Beginner

Cisco AV Pair

Hello,

 

Could anyone please explain to me what AV pairs mean and what they are used for?

1 ACCEPTED SOLUTION

Accepted Solutions
Mike.Cifelli
VIP Advisor

AV in AV-Pair stands for attribute-value. Some types of examples include TACACS+ and RADIUS AV pairs. These AV pairs can be utilized to define specific authentication, authorization, and accounting elements for each individual session. Something else that you may stumble upon are VSAs which are vendor specific attributes. Attribute 26 was defined for communicating vendor specific information. This attribute encapsulates vendor specific attributes which essentially allows vendors to support their own extended attributes. Take a peek at the following to gain a better understanding:
https://tools.ietf.org/html/rfc2865#page-63
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_radatt/configuration/xe-16/sec-usr-radatt-xe-16-book/sec-vsa-rad-discnct.html
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_tacacs/configuration/xe-16/sec-usr-tacacs-xe-16-book/sec-usr-tacacs-att-value-pairs.html

View solution in original post

1 REPLY 1
Mike.Cifelli
VIP Advisor

AV in AV-Pair stands for attribute-value. Some types of examples include TACACS+ and RADIUS AV pairs. These AV pairs can be utilized to define specific authentication, authorization, and accounting elements for each individual session. Something else that you may stumble upon are VSAs which are vendor specific attributes. Attribute 26 was defined for communicating vendor specific information. This attribute encapsulates vendor specific attributes which essentially allows vendors to support their own extended attributes. Take a peek at the following to gain a better understanding:
https://tools.ietf.org/html/rfc2865#page-63
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_radatt/configuration/xe-16/sec-usr-radatt-xe-16-book/sec-vsa-rad-discnct.html
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_tacacs/configuration/xe-16/sec-usr-tacacs-xe-16-book/sec-usr-tacacs-att-value-pairs.html
Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube