Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Appendix E Cisco Secure ACS Command-Line Database Utility
User-Defined RADIUS Vendors and VSA Sets
User-Defined RADIUS Vendors and VSA Sets
This section provides information and procedures about user-defined RADIUS
vendors and VSAs. It contains the following topics:
• About User-Defined RADIUS Vendors and VSA Sets, page E-27
• Adding a Custom RADIUS Vendor and VSA Set, page E-28
• Deleting a Custom RADIUS Vendor and VSA Set, page E-29
• Listing Custom RADIUS Vendors, page E-30
• RADIUS Vendor/VSA Import File, page E-31
About User-Defined RADIUS Vendors and VSA Sets
In addition to a set of predefined RADIUS vendors and vendor-specific attributes
(VSAs), Cisco Secure ACS supports RADIUS vendors and VSAs that you define.
CSUtil.exe provides the mechanism for adding and deleting your custom
RADIUS vendors and VSAs. Vendors you add must be IETF-compliant;
therefore, all VSAs that you add must be sub-attributes of IETF RADIUS attribute
number 26.
You can define up to ten custom RADIUS vendors, numbered 0 (zero) through 9.
CSUtil.exe allows only one instance of any given vendor, as defined by the
vendor’s unique IETF ID number and by the vendor name.
Note If you intend to replicate user-defined RADIUS vendor and VSA
configurations, user-defined RADIUS vendor and VSA definitions to be
replicated must be identical on the primary and secondary Cisco Secure ACS
servers, including the RADIUS vendor slots that the user-defined RADIUS
vendors occupy. For more information about database replication, see the
“CiscoSecure Database Replication” section on page 8-6.