[MS-RNAS]: Vendor-Specific RADIUS Attributes for Network Policy and Access Server (NPAS) Data Structure

This topic lists Errata found in [MS-RNAS] since it was last published. Since this topic is updated frequently, we recommend that you subscribe to this RSS feed to receive update notifications.

Errata are subject to the same terms as the Open Specifications documentation referenced.


Errata below are for Protocol Document Version V5.0 – 2021/06/25.

Errata Published*: 2022/02/08

Description:

In section 2.2.1.11 MS-Azure-Policy-ID, added new section

Changed from:

Changed to:

The MS-Azure-Policy-ID is a VSA, as specified in section 2.2.1. It is used by the RADIUS server to send an identifier that the Azure Point to Site VPN Server uses to match an authenticated RADIUS user to a Policy configured on the Azure side. This Policy is used to select the IP/Routing configuration (assigned IP address) for the user. The fields of MS-Azure-Policy-ID MUST be set as follows:

Vendor-Type: An 8-bit unsigned integer that MUST be set to 0x41.

Vendor-Length: An 8-bit unsigned integer that MUST be set to the length of the octet string in the Attribute-Specific Value plus 2.

Attribute-Specific Value: An octet string containing the Policy ID configured on the Azure Point to Site VPN Server.

In section 3.1.5.2 Microsoft VSA Support of RADIUS Messages, added MS-Azure-Policy-ID VSA to table.

Changed from:

| Microsoft vendor-specific attribute | Request | Accept | Reject | Challenge | Accounting-Request |
|---|---|---|---|---|---|
| . . . | | | | | |
| MS-RDG-Device-Redirection | 0 | 0-1 | 0 | 0 | 0 |

Changed to:

| Microsoft vendor-specific attribute | Request | Accept | Reject | Challenge | Accounting-Request |
|---|---|---|---|---|---|
| . . . | | | | | |
| MS-RDG-Device-Redirection | 0 | 0-1 | 0 | 0 | 0 |
| MS-Azure-Policy-ID | 0 | 0-1 | 0 | 0 | 0 |

In section 3.3.5.2.3 MS-Azure-Policy-ID, added new section

Changed from:

Changed to:

This attribute is consumed only by the Microsoft Azure Point to Site VPN Server.

When a Microsoft Azure Point to Site VPN Server receives this attribute in an Access-Accept message, it applies the IP/Routing configuration set against the Policy ID received for that user.

A NAS that is not a Microsoft Azure Point to Site VPN Server ignores this attribute.

For more details about this attribute, see section 2.2.1.11.
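The following Python sketch is an added example, not part of [MS-RNAS] or any Microsoft code. It encodes MS-Azure-Policy-ID and strictly checks it on receipt, covering both the field rules from section 2.2.1.11 and the occurrence rules from the table in section 3.1.5.2. Assumptions: the RFC 2865 Vendor-Specific layout (Type 26, Vendor-Id, then the sub-attribute), Microsoft's vendor ID 311 from RFC 2548, one sub-attribute per Vendor-Specific attribute, and that violations are rejected rather than ignored; the function names and sample bytes are constructed for illustration.

```python
import struct

VENDOR_SPECIFIC = 26        # RADIUS attribute type (RFC 2865)
MICROSOFT_VENDOR_ID = 311   # Microsoft enterprise number (RFC 2548)
MS_AZURE_POLICY_ID = 0x41   # Vendor-Type from section 2.2.1.11
ACCESS_ACCEPT = 2           # RADIUS packet code (RFC 2865)

def encode_policy_id(policy_id: bytes) -> bytes:
    """Build the complete RADIUS attribute carrying MS-Azure-Policy-ID."""
    vsa = bytes([MS_AZURE_POLICY_ID, len(policy_id) + 2]) + policy_id
    body = struct.pack("!I", MICROSOFT_VENDOR_ID) + vsa
    if len(body) + 2 > 255:
        raise ValueError("Policy ID too long for one RADIUS attribute")
    return bytes([VENDOR_SPECIFIC, len(body) + 2]) + body

def extract_policy_id(code: int, attributes: bytes):
    """Return the Policy ID from a packet's attribute bytes, or None.
    Raises ValueError on bad lengths or a disallowed occurrence."""
    found, pos = [], 0
    while pos < len(attributes):
        if len(attributes) - pos < 2:
            raise ValueError("truncated attribute header")
        atype, alen = attributes[pos], attributes[pos + 1]
        if alen < 2 or pos + alen > len(attributes):
            raise ValueError("bad attribute length")
        value = attributes[pos + 2:pos + alen]
        pos += alen
        if atype != VENDOR_SPECIFIC or len(value) < 6:
            continue  # not a VSA with room for a sub-attribute header
        if struct.unpack("!I", value[:4])[0] != MICROSOFT_VENDOR_ID:
            continue  # another vendor's attribute
        if value[4] != MS_AZURE_POLICY_ID:
            continue  # a different Microsoft VSA
        if value[5] != len(value) - 4:
            raise ValueError("Vendor-Length must be value length plus 2")
        found.append(value[6:])
    if found and code != ACCESS_ACCEPT:
        raise ValueError("MS-Azure-Policy-ID allowed only in Access-Accept")
    if len(found) > 1:
        raise ValueError("at most one MS-Azure-Policy-ID per Access-Accept")
    return found[0] if found else None

# Constructed sample: a User-Name attribute followed by the VSA.
SAMPLE_ATTRS = bytes([1, 7]) + b"alice" + encode_policy_id(b"policy-1")
```

Calling extract_policy_id(ACCESS_ACCEPT, SAMPLE_ATTRS) returns the Policy ID bytes; the same attribute bytes presented with any other packet code raise ValueError.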

*Date format: YYYY/MM/DD