Attributes in incoming and outgoing RADIUS messages can be
translated to and from internal presentations. For example, different MAC
address formats can be normalised for logging and values for reply
attributes can now be set based on the Client or
<AuthBy RADIUS> vendor type. The general format
for VsaTranslateIn and
VsaTranslateOut is:
VsaTranslateIn
source_attr, dest_attr[, translation, strip|nostrip,
extras]
source_attr is the translation source
attribute.dest_attr defines the name for the newly
translated attribute.translation defaults to copy which does no
modification. The available translation depend on the
VsaVendor and VsaType
configuration parameters.strip or nostrip defaults to
nostrip for VsaTranslateIn and
strip for VsaTranslateOut.extras depends on the translation,
VsaVendor and VsaType.
Full example showing VsaVenedor,
VsaType, VsaTranslateIn,
VsaTranslateOut, and the related configuration
parameters is in
goodies/vsa-translate.cfg.
# Translate incoming MAC address to common internal format
# and copy the DNS address in a VSA
<Client 192.168.3.49>
Identifier juniper
Secret mysecret
# These control how the translation is done
VsaVendor Juniper
VsaType junos
# macaddr transforms MAC addresses to and from internal presentation
VsaTranslateIn Unisphere-Pppoe-Description, OSC-Mac-Address, macaddr
# Convert internal presentation to what this client expects
VsaTranslateOut OSC-DNS-Address1, Unisphere-Primary-Dns
</Client>
