Information About Network Access Server Identifier
Network access server identifier (NAS-ID) is used to notify the source of a RADIUS access request, which enables the RADIUS server to choose a policy for that request. You can configure one on each WLAN profile, VLAN interface, or access point group. The NAS-ID is sent to the RADIUS server by the controller through an authentication request to classify users to different groups. This enables the RADIUS server to send a customized authentication response.
Note |
The acct-session-id is sent with the RADIUS access request only when accounting is enabled on the policy profile. |
If you configure a NAS-ID for an AP group, it overrides the NAS-ID that is configured for a WLAN profile or the VLAN interface. Similarly, if you configure a NAS-ID for a WLAN profile, it overrides the NAS-ID that is configured for the VLAN interface.
Starting with Cisco IOS XE Cupertino 17.7.1, a new string named custom-string (custom string) is added.
The following options can be configured for a NAS ID:
-
sys-name (System Name)
-
sys-ip (System IP Address)
-
sys-mac (System MAC Address)
-
ap-ip (AP's IP address)
-
ap-name (AP's Name)
-
ap-mac (AP's MAC Address)
-
ap-eth-mac (AP's Ethernet MAC Address)
-
ap-policy-tag (AP's policy tag name)
-
ap-site-tag (AP's site tag name)
-
ssid (SSID Name)
-
ap-location (AP's Location)
-
custom-string (custom string)