Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SBR Carrier] How to add a VSA dictionary file

0

0

Article ID: KB29377 KB Last Updated: 04 Mar 2020Version: 4.0
Summary:

This article explains how to create a new vendor-specific dictionary in SBR Carrier

Symptoms:

A dictionary is required in order to use vendor-specific RADIUS attributes with a specific NAS product.  SBR ships with several vendor-specific dictionaries.  If you require one that doesn't exist, you can create it using the following steps.

Solution:

Steps to add the dictionary to Steel-Belted RADIUS

(Below example using Bluecoat product)
  1. In the dictiona.dcm file located in the RADIUS installed directory (default /opt/JNPRsbr/radius), add the following line:
    @bluecoat.dct
  2. In the vendor.ini file located in the RADIUS installed directory, add the following lines (see vendor.ini embedded comments for details on options):
    vendor-product = Bluecoat
    dictionary = bluecoat
    ignore-ports = no
    port-number-usage = per-port-type
    help-id = 2000
  3. In the RADIUS installed directory, create a new text file named bluecoat.dct and paste the following as its contents:
    ################################################################################
    # bluecoat.dct - the Blue Coat Vendor VSA dictionary
    ################################################################################
    #
    # Include the standard radius dictionary:
    @radius.dct
    #
    #
    # bluecoat Vendor Specific Attributes below:
    #
    MACRO Blue-Coat-VSA(t,s) 26 [vid=14501 type1=%t% len1=+2 data=%s%]
    #
    # Chantry Attributes
    
    ATTRIBUTE Blue-Coat-Group Blue-Coat-VSA(1, string) R
    
    ATTRIBUTE Blue-Coat-Authorization Blue-Coat-VSA(2, integer) R
    VALUE Blue-Coat-Authorization No-Access 0
    VALUE Blue-Coat-Authorization Read-Only-Access 1
    VALUE Blue-Coat-Authorization Read-Write-Access 2
    
    ################################################################################
    # bluecoat.dct - Blue Coat Vendor
    ################################################################################
  4. Create bluecoat.dic file by using the dct_to_dic_converter.sh script

    # ./dct_to_dic_converter.sh
    [ NOTE ]: The .dct or .dci file name should be given as input in [filename.dct] or [filename.dci] format.
    Enter the name of the file to be converted to .dic format : bluecoat.dct
    
    [ NOTE ]: The .dic file name should be in [filename.dic] format.
    Enter the filename for naming the converted .dic file : bluecoat.dic
    
    Writing contents to bluecoat.dic
  5. Restart the SBR process. You should now be able to select Bluecoat as a vendor make/model in the RADIUS client configuration.

Note: See readme.dct for more information about supported data types and dictionary format.

Modification History:

2020-03-04: Updated steps with bluecoat.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search