Defining a none-Bluecoat VSA in Management Center Radius Settings
Article ID: 247776
Updated On:
Products
Issue/Introduction
By default, Management Center assumes that the Blue Coat VSA is in use. If there is a need to use other than Bluecoat VSA, either or both role membership and group membership attribute in Administration > Settings > RADIUS needs to be defined with Vendor's VSA.
Environment
Management Center running supported version
Radius server
Resolution
Using Packeteer-AVPair (Packeteer's VSA)
If radius server return an Access-Accept response, the expectation is a Packeteer-AVPair VSA and value (network-admin) are included.
E.g.
The Role values can be predefined in Management Center GUI > Administration > Roles with proper permission
When inputting the value, we highly suggest to type it manually (case sensitive). Avoid a copy/paste from any graphical interfaces as this could present extra characters or similar clipboard anomalies.
Additional Information
Radius client such as Management Center do not send VSA.
Your own radius server logs or packet capture should be able to confirm what attributes and values are being sent in radius response.
Feedback
