You would like to write policy using the RADIUS group object
You need the dictionary file for BlueCoat ProxySG
How does one use the BlueCoat custom attribute in windows IAS / linux freeRADIUS
The ProxySG appliance allows you to build policy based on RADIUS groups.
One way to do this would be to simply use a standard RADIUS attribute such as Filter-ID, and manually map these to groups via CPL policy on the ProxySG appliance. However, this will not work if you are using VPM to write your policy.
To use visual policy manager (VPM) and RADIUS groups is outlined in the BlueCoat SGOS Administration Guide:
"Create a RADIUS realm group by using the custom Blue Coat attribute, which can appear multiple times within a RADIUS response. It can be used to assign a user to one or more groups. Values that are found in this attribute can be used for comparison with the group condition in CPL and the group object in VPM. The group name is a string with a length from 1-247 characters. The Blue Coat Vendor ID is 14501, and the Blue-Coat-Group attribute has a Vendor Type of 1."
The VPM will only work with the custom Blue Coat attribute. The important details are marked in bold above. Take note of this information to build a custom attribute.
The custom attribute has been tested with both FreeRADIUS and windows IAS; both should work fine.
- Open IAS manger - Create a Remote Access Policy, and modify as necessary - Edit Profile > Advanced - Click the Add button - Select Vendor Specific - Enter vendor code : 14501 “yes it conforms” - Configure attribute vendor-assigned attribute number : 1
The following screenshot illustrates this process:
Imported Document ID: 000014478
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.