Skip to content

aaaradiusparams

Configuration for RADIUS parameter resource.

Properties

(click to see Operations)

NameData TypePermissionsDescription
serverip<String>Read-writeIP address of your RADIUS server.
Minimum length = 1
serverport<Integer>Read-writePort number on which the RADIUS server listens for connections.
Default value: 1812
Minimum value = 1
authtimeout<Double>Read-writeMaximum number of seconds that the Citrix ADC waits for a response from the RADIUS server.
Default value: 3
Minimum value = 1
radkey<String>Read-writeThe key shared between the RADIUS server and clients.
Required for allowing the Citrix ADC to communicate with the RADIUS server.
Minimum length = 1
radnasip<String>Read-writeSend the Citrix ADC IP (NSIP) address to the RADIUS server as the Network Access Server IP (NASIP) part of the Radius protocol.
Possible values = ENABLED, DISABLED
radnasid<String>Read-writeSend the Network Access Server ID (NASID) for your Citrix ADC to the RADIUS server as the nasid part of the Radius protocol.
radvendorid<Double>Read-writeVendor ID for RADIUS group extraction.
Minimum value = 1
radattributetype<Double>Read-writeAttribute type for RADIUS group extraction.
Minimum value = 1
radgroupsprefix<String>Read-writePrefix string that precedes group names within a RADIUS attribute for RADIUS group extraction.
radgroupseparator<String>Read-writeGroup separator string that delimits group names within a RADIUS attribute for RADIUS group extraction.
passencoding<String>Read-writeEnable password encoding in RADIUS packets that the Citrix ADC sends to the RADIUS server.
Default value: pap
Possible values = pap, chap, mschapv1, mschapv2
ipvendorid<Double>Read-writeVendor ID attribute in the RADIUS response.
If the attribute is not vendor-encoded, it is set to 0.
ipattributetype<Double>Read-writeIP attribute type in the RADIUS response.
Minimum value = 1
accounting<String>Read-writeConfigure the RADIUS server state to accept or refuse accounting messages.
Possible values = ON, OFF
pwdvendorid<Double>Read-writeVendor ID of the password in the RADIUS response. Used to extract the user password.
Minimum value = 1
pwdattributetype<Double>Read-writeAttribute type of the Vendor ID in the RADIUS response.
Minimum value = 1
defaultauthenticationgroup<String>Read-writeThis is the default group that is chosen when the authentication succeeds in addition to extracted groups.
Maximum length = 64
callingstationid<String>Read-writeSend Calling-Station-ID of the client to the RADIUS server. IP Address of the client is sent as its Calling-Station-ID.
Default value: DISABLED
Possible values = ENABLED, DISABLED
authservretry<Double>Read-writeNumber of retry by the Citrix ADC before getting response from the RADIUS server.
Default value: 3
Minimum value = 1
Maximum value = 10
authentication<String>Read-writeConfigure the RADIUS server state to accept or refuse authentication messages.
Default value: ON
Possible values = ON, OFF
tunnelendpointclientip<String>Read-writeSend Tunnel Endpoint Client IP address to the RADIUS server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
groupauthname<String>Read-onlyTo associate AAA users with an AAA group, use the command

"bind AAA group ... -username ...".

You can bind different policies to each AAA group. Use the command

"bind AAA group ... -policy ...".
ipaddress<String>Read-onlyIP Address.

Operations

(click to see Properties)

UPDATE| UNSET| GET (ALL)

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the Citrix ADC appliance, the URL is as follows:

    http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the Citrix ADC appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Note:

Mandatory parameters are marked in redand placeholder content is marked in <green>.

update

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/aaaradiusparams

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"aaaradiusparams":{
"serverip":<String_value>,
"serverport":<Integer_value>,
"authtimeout":<Double_value>,
<b>"radkey":<String_value>,
</b>"radnasip":<String_value>,
"radnasid":<String_value>,
"radvendorid":<Double_value>,
"radattributetype":<Double_value>,
"radgroupsprefix":<String_value>,
"radgroupseparator":<String_value>,
"passencoding":<String_value>,
"ipvendorid":<Double_value>,
"ipattributetype":<Double_value>,
"accounting":<String_value>,
"pwdvendorid":<Double_value>,
"pwdattributetype":<Double_value>,
"defaultauthenticationgroup":<String_value>,
"callingstationid":<String_value>,
"authservretry":<Double_value>,
"authentication":<String_value>,
"tunnelendpointclientip":<String_value>
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

unset

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/aaaradiusparams?action=unset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"aaaradiusparams":{
"serverip":true,
"serverport":true,
"authtimeout":true,
"radnasip":true,
"radnasid":true,
"radvendorid":true,
"radattributetype":true,
"radgroupsprefix":true,
"radgroupseparator":true,
"passencoding":true,
"ipvendorid":true,
"ipattributetype":true,
"accounting":true,
"pwdvendorid":true,
"pwdattributetype":true,
"defaultauthenticationgroup":true,
"callingstationid":true,
"authservretry":true,
"authentication":true,
"tunnelendpointclientip":true
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

get (all)

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/aaaradiusparams

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "aaaradiusparams": [ {
"serverip":<String_value>,
"serverport":<Integer_value>,
"radkey":<String_value>,
"groupauthname":<String_value>,
"authtimeout":<Double_value>,
"radnasip":<String_value>,
"radnasid":<String_value>,
"ipaddress":<String_value>,
"radvendorid":<Double_value>,
"radattributetype":<Double_value>,
"radgroupsprefix":<String_value>,
"radgroupseparator":<String_value>,
"passencoding":<String_value>,
"ipvendorid":<Double_value>,
"ipattributetype":<Double_value>,
"accounting":<String_value>,
"pwdvendorid":<Double_value>,
"pwdattributetype":<Double_value>,
"defaultauthenticationgroup":<String_value>,
"callingstationid":<String_value>,
"authservretry":<Double_value>,
"authentication":<String_value>,
"tunnelendpointclientip":<String_value>
}]}