1-7No. Attribute No. Attribute44 Acct-Session-Id 91 Tunnel-Server-Auth-idThe attribute types listed in Table 1-2 are defined by RFC 2865, RFC 2866, RFC 2867, and RFC 2568.Extended RADIUS AttributesThe RADIUS protocol features excellent extensibility. Attribute 26 (Vender-Specific) defined by RFC2865 allows a vender to define extended attributes to implement functions that the standard RADIUSprotocol does not provide.A vendor can encapsulate multiple type-length-value (TLV) sub-attributes in RADIUS packets forextension in applications. As shown in Figure 1-5, a sub-attribute that can be encapsulated in Attribute26 consists of the following four parts:z Vendor-ID (four bytes): Indicates the ID of the vendor. Its most significant byte is 0 and the otherthree bytes contain a code complying with RFC 1700.z Vendor-Type: Indicates the type of the sub-attribute.z Vendor-Length: Indicates the length of the sub-attribute.z Vendor-Data: Indicates the contents of the sub-attribute.Figure 1-5 Segment of a RADIUS packet containing an extended attributeIntroduction to HWTACACSHW Terminal Access Controller Access Control System (HWTACACS) is an enhanced securityprotocol based on TACACS (RFC 1492). Similar to RADIUS, it uses a client/server model forinformation exchange between NAS and HWTACACS server.HWTACACS is mainly used to provide AAA services for terminal users. In a typical HWTACACSapplication, a terminal user needs to log into the device for operations, and HWTACACS authenticates,authorizes and keeps accounting for the user. Working as the HWTACACS client, the device sends theusername and password to the HWTACACS sever for authentication. After passing authentication andbeing authorized, the user can log into the device to perform operations.