not logged in | [Login]
Always use radiusd -X when debugging!
NAS-Port is one of the basic RADIUS attributes.
This section was populated by knowledge accumulated while trying to support various vendor's equipment in 802.1X / MAC-Authentication in the PacketFence open-source Network Access Control.
Refer to PacketFence's source code for the most accurate values.
NAS-Port to ifIndex conversions
The below worked for the Switch 4200G, E4800G and E5500G. They are now branded as HP's.
Here, 4096 NAS-Port slots are reserved per physical port and there is a starting offset of 16781312.
dot1dPort = ceil ( (NAS-Port - 16781312) / 4096 )
dot1dPort is convertible into ifIndex using SNMP (A3COM-HUAWEI-LswINF-MIB::hwifXXBasePortIndex or 1.3.6.1.4.1.43.45.1.2.23.1.1.1.1.10)
Ex: 16855041 is ifIndex 4227289 (dot1dPort 19)
IfIndex = NAS-Port - 50000
Ex: 50017 is ifIndex 17
IfIndex = NAS-Port - 40000
Ex: 50023 is ifIndex 10023
NAS-Port's number is the ifIndex index.
Ex: NAS-Port 115 is the 115th ifIndex entry which is ifIndex 598.
NAS-Port values have not proven meaningful or useful on Wireless equipment. Management type tasks are often performed using an end-point's MAC address instead of a virtual port id.
Last edited by Alan T. DeKok, 2011-07-14 11:32:59
Sponsored by Network RADIUS 