attribute reject (RADIUS scheme view)

Use attribute reject to configure a RADIUS attribute rejection rule.

Use undo attribute reject to delete RADIUS attribute rejection rules.

Syntax

attribute reject attr-name { { access-accept | access-request | accounting } * | { received | sent } * }

undo attribute reject [ attr-name ]

Default

No RADIUS attribute rejection rules exist.

Views

RADIUS scheme view

Predefined user roles

network-admin

mdc-admin

Parameters

attr-name: Specifies a RADIUS attribute by its name, a case-insensitive string of 1 to 63 characters. The attribute must be supported by the system.

access-accept: Specifies the RADIUS Access-Accept packets.

access-request: Specifies the RADIUS Access-Request packets.

accounting: Specifies the RADIUS accounting packets.

received: Specifies the received RADIUS packets.

sent: Specifies the sent RADIUS packets.

Usage guidelines

Configure RADIUS attribute rejection rules for the following purposes:

The RADIUS attribute rejection rules take effect only when the RADIUS attribute translation feature is enabled.

A RADIUS attribute can be rejected only by one criterion, packet type or direction.

If you do not specify a RADIUS attribute, the undo attribute reject command deletes all RADIUS attribute rejection rules.

Examples

# In RADIUS scheme radius1, configure a RADIUS attribute rejection rule to delete the Connect-Info attribute from the RADIUS packets to be sent.

<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] attribute reject Connect-Info sent

Related commands

attribute translate