Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
721
Views
5
Helpful
5
Replies

Cisco ISE and Extended NAS-Port-Type Support

Go to solution
rezaalikhani
Spotlight
Spotlight

‎10-22-2023 11:04 PM

Hi all;

Does ISE support Extended NAS-Port-Type by default?

Thanks

3 Accepted Solutions

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎10-22-2023 11:45 PM - edited ‎10-22-2023 11:58 PM

I see NAS-port-type attribute 61 list in ISE. 

Screenshot (61).png

View solution in original post

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to rezaalikhani

‎10-23-2023 05:09 PM

There is no separate Dictionary in ISE for Extended NAS-Port-Type. The built-in RADIUS dictionary supports various IETF attributes, including NAS-Port-Type (Attribute 61), and multiple relevant standard values.

To determine if ISE supports your use case, we would need more details, such as:

  • What specific RADIUS Attribute/Value pair are looking to support?
  • Is there an IETF/RFC standard that describes this AV pair?
  • Is the network device capable of sending this information to ISE via RADIUS authentication/accounting?

View solution in original post

Go to solution
thomas
Cisco Employee
Cisco Employee

‎10-30-2023 05:34 PM

thomas_0-1698711728367.png

ISE 3.3 lists the following values in the Policy Sets Condition Studio editor for RADIUS:NAS-Port-Type :
ADSL-CAP
ADSL-DMT
Async
Cable
Ethernet
FDDI
G.3 Fax
HDLC Clear Channel
IAPP
IDSL
ISDN Async V.110
ISDN Async V.120
ISDN Sync
PIAFS
SDSL
Sync
Token-Ring
Virtual
Wireless - 1X-EV
Wireless - CDMA2000
Wireless - IEEE 802.11
Wireless - Other
Wireless - UMTS
X.25
X.75
xDSL

 

The RADIUS RFC-2865 lists only the following for NAS-Port-Type values:

      0       Async
      1       Sync
      2       ISDN Sync
      3       ISDN Async V.120
      4       ISDN Async V.110
      5       Virtual
      6       PIAFS
      7       HDLC Clear Channel
      8       X.25
      9       X.75
      10      G.3 Fax
      11      SDSL - Symmetric DSL
      12      ADSL-CAP - Asymmetric DSL, Carrierless Amplitude Phase Modulation
      13      ADSL-DMT - Asymmetric DSL, Discrete Multi-Tone
      14      IDSL - ISDN Digital Subscriber Line
      15      Ethernet
      16      xDSL - Digital Subscriber Line of unknown type
      17      Cable
      18      Wireless - Other
      19      Wireless - IEEE 802.11

 So ISE definitely supports some of the non-RFC extended attributes.

There are some additional non-RFC compliant broadband service port types with their corresponding values documented in Extended NAS-Port-Type and NAS-Port Support that ISE does not support:

Service Port Type | RADIUS Value
PPPoA             | 30
PPPoEoA           | 31
PPPoEoE           | 32
PPPoEoVLAN        | 33
PPPoEoQinQ        | 34

If you need more extended NAS-Port-Type values in the ISE Conditions Studio, please Make a Wish @ https://cs.co/ise-wish and be very explicitly about which extended attributes, the values, and your public source for this information.

 

View solution in original post

5 Replies 5

Go to solution
MHM Cisco World
VIP
VIP

‎10-22-2023 11:45 PM - edited ‎10-22-2023 11:58 PM

I see NAS-port-type attribute 61 list in ISE. 

Screenshot (61).png

Go to solution
rezaalikhani
Spotlight
Spotlight
In response to MHM Cisco World

‎10-23-2023 01:08 AM

Yes, ISE supports RADIUS Attribute 61, but as I said, I want to know about Extended NAS-Port-Type.

0 Helpful

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to rezaalikhani

‎10-23-2023 05:09 PM

There is no separate Dictionary in ISE for Extended NAS-Port-Type. The built-in RADIUS dictionary supports various IETF attributes, including NAS-Port-Type (Attribute 61), and multiple relevant standard values.

To determine if ISE supports your use case, we would need more details, such as:

  • What specific RADIUS Attribute/Value pair are looking to support?
  • Is there an IETF/RFC standard that describes this AV pair?
  • Is the network device capable of sending this information to ISE via RADIUS authentication/accounting?

Go to solution
thomas
Cisco Employee
Cisco Employee

‎10-30-2023 05:34 PM

thomas_0-1698711728367.png

ISE 3.3 lists the following values in the Policy Sets Condition Studio editor for RADIUS:NAS-Port-Type :
ADSL-CAP
ADSL-DMT
Async
Cable
Ethernet
FDDI
G.3 Fax
HDLC Clear Channel
IAPP
IDSL
ISDN Async V.110
ISDN Async V.120
ISDN Sync
PIAFS
SDSL
Sync
Token-Ring
Virtual
Wireless - 1X-EV
Wireless - CDMA2000
Wireless - IEEE 802.11
Wireless - Other
Wireless - UMTS
X.25
X.75
xDSL

 

The RADIUS RFC-2865 lists only the following for NAS-Port-Type values:

      0       Async
      1       Sync
      2       ISDN Sync
      3       ISDN Async V.120
      4       ISDN Async V.110
      5       Virtual
      6       PIAFS
      7       HDLC Clear Channel
      8       X.25
      9       X.75
      10      G.3 Fax
      11      SDSL - Symmetric DSL
      12      ADSL-CAP - Asymmetric DSL, Carrierless Amplitude Phase Modulation
      13      ADSL-DMT - Asymmetric DSL, Discrete Multi-Tone
      14      IDSL - ISDN Digital Subscriber Line
      15      Ethernet
      16      xDSL - Digital Subscriber Line of unknown type
      17      Cable
      18      Wireless - Other
      19      Wireless - IEEE 802.11

 So ISE definitely supports some of the non-RFC extended attributes.

There are some additional non-RFC compliant broadband service port types with their corresponding values documented in Extended NAS-Port-Type and NAS-Port Support that ISE does not support:

Service Port Type | RADIUS Value
PPPoA             | 30
PPPoEoA           | 31
PPPoEoE           | 32
PPPoEoVLAN        | 33
PPPoEoQinQ        | 34

If you need more extended NAS-Port-Type values in the ISE Conditions Studio, please Make a Wish @ https://cs.co/ise-wish and be very explicitly about which extended attributes, the values, and your public source for this information.

 

Go to solution
rezaalikhani
Spotlight
Spotlight
In response to thomas

‎10-31-2023 02:38 AM

Thanks for your great answer!

0 Helpful
Customers Also Viewed These Support Documents