Sending Operator Name with Cisco ACS 5.4

Friday, July 13, 2012 - 22:30

Sending Operator Name with ACS 5.4

Cisco ACS 5.4 provides the ability to inject and/or overwrite RADIUS attributes while proxying.  This means that attribute 126 Operator Name can be injected for eduroam Visited sites.

Note: This guide is specifically for adding Operator Name attribute injection to an existing Visited Site.  For details of how to configure ACS to be a Visited Site see https://community.ja.net/blogs/scotts-eduroam-blog/article/eduroam-visited-configuration-cisco-acs-53

Operator Name injection while proxying to NRPS

In the Visitor Access Policy (JRS in the example below) first remove any existing Operator Name attributes (which may have been added by the NAS) and add the Service Provide Operator Name.

  1. Go to “Access Policies > Access Services” and click on the Visitor Access Policy (JRS)
  2. Click on the “RADIUS Attibutes” drop down (Below “External Proxy Servers”)
  3. Select “RADIUS-IETF” as the “Dictionary Type:”
  4. Click the ‘Select’ button for “RADIUS Attribute”
  5. In the ‘RADIUS Dictionary popup window select ‘ID’ in the “Filter:” field
  6. In the ‘RADIUS Dictionary popup window select ‘Equals’ in the “Match If:” field
  7. In the ‘RADIUS Dictionary popup window in the text box after the “Match If:” field enter 126 and click the ‘Go’ button
  8. Then tick the radio button for ‘Operator-Name’ and click ‘OK’ at the bottom
  9. In the “Operation:” field chose ‘DELETE’ and then click the ‘Add ^’ button
  10. Repeat steps 3 to 8
  11. In the “Operation:” field chose ‘ADD’
  12. In the “Attribute New Value:” text box enter the your site's realm prepended with 1 e.g. ‘1camford.ac.uk’
  13. Click the ‘Add ^’ button
  14. Click the ‘Submit’ button
acs 5.4
eduroam
operator name attribute
operator-name
visited site
  • Twitter logo
  • LinkedIn logo
  • Google+ logo
  • Reddit logo
  • StumbleUpon logo