Chapter 7: User Management131Returning User Group Information via RADIUSWhen a RADIUS authentication attempt succeeds, the KX II determinesthe permissions for a given user based on the permissions of the user'sgroup.Your remote RADIUS server can provide these user group names byreturning an attribute, implemented as a RADIUS FILTER-ID. TheFILTER-ID should be formatted as follows: Raritan:G{GROUP_NAME}where GROUP_NAME is a string denoting the name of the group towhich the user belongs.Raritan:G{GROUP_NAME}:D{Dial Back Number}where GROUP_NAME is a string denoting the name of the group towhich the user belongs and Dial Back Number is the number associatedwith the user account that the KX II modem will use to dial back to theuser account.RADIUS Communication Exchange SpecificationsThe KX II sends the following RADIUS attributes to your RADIUS server:Attribute DataLog inAccess-Request (1)NAS-Port-Type (61) VIRTUAL (5) for network connections.NAS-IP-Address (4) The IP address for the KX II.User-Name (1) The user name entered at the login screen.Acct-Session-ID (44) Session ID for accounting.User-Password(2) The encrypted password.Accounting-Request(4)Acct-Status (40) Start(1) - Starts the accounting.NAS-Port-Type (61) VIRTUAL (5) for network connections.NAS-Port (5) Always 0.NAS-IP-Address (4) The IP address for the KX II.User-Name (1) The user name entered at the login screen.Acct-Session-ID (44) Session ID for accounting.Log outAccounting-Request(4)